×

Productivity apps are a prime target for hackers: Industry experts

Craig Warga | Bloomberg | Getty Images

Apps designed to increase productivity and efficiency are increasingly being targeted by cyber criminals, industry experts have warned CNBC.

Cisco's 10th annual report on global cyber security issues, released yesterday, highlighted the problem caused by third-party apps being used by employees to improve their productivity in the workplace.

These cloud-connected apps present a security risk to businesses as they often gain extensive access, meaning they can view, delete, move or store corporate data. Cyber criminals targeting these apps could use the apps connection to gain access to this data.

The report sampled 900 organizations and identified 222,000 third-party applications being used by employees. Of these apps, 27 percent were classified as high risk.

David Kennerley, director of threat research at cyber security company Webroot, explained why so many of these apps present a security concern.

"We believe this is due to many users not expecting a productivity or professional tool to be a target for cyber criminals, but the reality is that these apps often need quite a lot of information or integration with email accounts to function, so they can be quite effective threat vectors for cunning attackers," he said in a press statement sent to CNBC.

According to Kennerley, there has been an explosion of malicious applications in the last year, with many targeting Android devices.

"The most affected category of malicious apps we saw was productivity tools, representing 31% of all malicious Android apps detected," he said.

Productivity tools are not the only cause for concern.Recently there have been several reports of malicious programs disguised as popular apps.

Apps downloaded from third-party sites were disguised as being Netflix, Facebook or WhatsApp, among others, but contained a piece of spyware called the SpyNote RAT.

This program would allow someone to remotely access the device, enabling them to copy files, read messages, view contacts and activate the device's microphone to listen to conversations.

Chris Hodson, EMEA chief information security officer for cloud-based security firm Zscaler, explained that while disguised spyware is not new, cyber criminals have become more sophisticated and are now able to make the apps look more authentic and legitimate.

"Android users must be more vigilant today than ever before and only deploy apps from legitimate Google and Apple application stores. We have identified examples of malware on these sites but a fraction of the likelihood," he told CNBC via email.

Follow CNBC International on Twitter and Facebook.