A survey reflects the problems the mobile phone users face in the Asian country
A survey conducted by cyber security organization experts in China has revealed that 85% of mobile apps users in that country have experienced data leaks.
For the vast majority of users, leaks meant receiving constant calls and messages from sales departments and advertisers, while many other users complained that they had received calls from scammers. Among the three most frequent complaints was receiving junk mail, while other unwanted consequences included receiving links to illegal sites and even stealing passwords from the user’s email accounts.
According to experts, during the first half of 2018, the illegal collection of data from e-commerce pages and social platforms became the main reason for the allegations. After surveying more than 4400 people between July and August 2018, cyber security organization specialists published their findings on August 29. This study is released while data-leaking scandals continue to appear in local media on a regular basis. This week, Chinese media discovered what could be the biggest data leak in recent years, as hackers are selling in dark web forums data of more than 130 million customers of a Chinese hotel chain.
Respondents consider that the main responsibility of data leaking is for app operators (62.2%), followed by illegal resellers to third parties (60.6%) and gaps in the network service system (57.4%). Less than 35% of them considered the reasons for the leaks to malicious software, phishing websites, and other data-theft media.
The survey reveals the weak points of app users in China. Almost 70% of respondents believe that mobile apps request access to private data even if their functions do not require it. This includes requiring access to the location and contact list, call logs, and SMS, camera, and microphone recording.
On the other hand, awareness on cyber security organization issues appears to be growing; 60% of respondents mentioned having taken some steps to protect their personal information, either by omitting certain information, disabling location-based custom services, denying access to apps, installing protection software or just giving false information.
More than 80% of respondents believe that developers should work more on data security. Cyber security organization specialists from the International Institute of Cyber Security conclude that the main reasons for the lack of security in apps is the awareness of personal safety and lack of supervision. The latter could be mitigated by an app verification system and a black list of developers, the report concluded.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.