Mayur Agnihotri: Malware because “Good Malware Never Dies”. Some underground hackers built this type of malware which does not need any type of permission (“root" or "jailbreak") to access the mobi-le phone to affect the mobimobi-le phone.
Julie Herold, Kenny Herold, Odin’s Eye:
We think there will be a breakthrough outside of the usual delivery of malware via stores. We think until an R&D depart-ment within a security company commits the time to explore this area further, the-re won’t be much change in the the-realized versus perceived attack surface and vec-tors for exploitation.
Ondrej Krehel, LIFARS: Many of the same ones, from malwaretising to phishing texts/emails and unvalidated apps.
Stephan Conradin: We have a great de-pendence on geolocation and disturbation of GPS data could be serious.
David Clarke, VCiso: Mobiles are similar to PCs 15 Years ago, almost everything is vulnerable from text and data transmis-sion to the OS.
Wade Lovell, Simpatic: I am primarily con-cerned about altered variants of apps, especially games, being disseminated through legitimate app stores. I am also concerned about apps with expanded ca-pabilities for analytics, etc. being downlo-aded without users paying attention to the terms and conditions.
Gerald Peng, Mocato: As the majority of phones are Android based, my answer is confined to those devices. The vulnerabili-ties of the Android OS are exposure to cloning, data leakage, weak malicious ap-plication detection and ability to use the device as a microphone. These vulnerabi-lities facilitate identity theft and financial fraud.
Paul Hoffman, Logical Operations: Loca-tion, financial information (Apple Pay),
Roberto Langdon, Nicolas Orlandini, KPMG: Malware addressed to steal infor-mation, to make calls or messages devia-tion, to get private photos or videos, is totally easy. Think that the people are carrying all their emails, access credentials to portals, to mail servers, to home ban-king sites, etc. It is as easy as taban-king candy from a little child. Almost no one cares about this, unfortunately.
M OBILE What kind of vulnerabilities will affect
mobile phones in 2016?
BroadTech Security Team: Theo deRaadt, founder of OpenBSD and Co-founder of NetBSD, said, “Low code quality keeps haunting our entire industry. That, and sloppy programmers who don't under-stand the frameworks they work within.
They're like plumbers high on glue.” I think everything starts there, adding to it is poor hardware design, infectable firmware, malware apps, etc. Again, user discretion and spreading security aware-ness, I believe, can contain a lot of pro-blems and keep them from blowing up.
Before you get a smartphone, it is good to list out what purposes it should serve you and then get just the ones that have only those features and install only necessary apps. Don’t root the phone because so-meone else did it. If you go feature cha-sing, you will end up in trouble because one day you will find that feature was a trap.
Nick Prescot, ZeroDayLab: Malware that's executed by user unluckiness.
Andrew Bagrin, My Digital Shield: I think they will be used as a method for hackers to sneak malware into companies.
M OBILE What kind of vulnerabilities will affect
mobile phones in 2016?
Chase Cunningham, Cynja: Just like your laptop, be sure that your phone is pa-tched and your OS is always up to date.
Use two-factor authentication. If you don’t need an app or don’t need a parti-cular function…turn it off. Bottom line—
don’t suck at patching.
Michael A. Goedeker, Auxilium Cyber Se-curity: Don’t use a phone for secure stuff!
Limit the usage for important calls and functions, only use apps that are tested and proven backdoor and spyware free.
Don’t trust any phone manufacturer, test and verify your Sim card, phone hardwa-re, OS and Apps are secure. Recognize that the underlying communication sys-tem is flawed. Anyone and everyone can track you down, so if you don’t want that, then limit phone use. Use a computer or electronic device that can use encrypted signals and never needs the SS7 based infrastructure.
Elizabeth Houser, Praesidio: Users need to take responsibility for the apps s/he is and should be protected as such.
Mark Bennet, Blustor: Consumers and enterprises alike need to separate the keys of an individual’s digital identity from the devices they require for access. One analogy is that you wouldn’t secure your car by leaving the keys in the ignition and neither should you store your biometric identity on your smartphone. While po-werful devices, smartphones are inheren-tly vulnerable to attack due to the ubiqui-tous and always connected nature. A better solution, such as BluStor’s Cyber-Gate platform, that allows users to seam-lessly separate the digital keys (e.g., bio-metrics) needed to access their phone or other mobile devices, is critical to ad-dressing this vulnerability.
Wade Johansen, CouriTech LLC: Apps like Cerberus to encrypt phones, detect GPS locations (if on), and ability to take pics of users attempting too many passwords are a plus! Remote wipe capability is also han-dy.
Richard De Vere,The AntiSocial Engineer:
I’d like to think every last person who uses the internet should be aware of two factor authentication available for all mo-bile platforms, this should help form the basis of your security - But with our pho-nes becoming the master key for all our digital lives, the need for secure 8+ digit lock screen passwords and mobile disk encryption is more so than ever.