SlideShare une entreprise Scribd logo

Evolutionand impactofhiddenmobilethreats wandera

Anjoum .
Anjoum .

Global Mobility Threats

Mobile
1  sur  7
Télécharger pour lire hors ligne
The Evolution and Impact of Hidden Mobile Threats: Why Your Organization Needs a Multi-Level Security Solution
THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 2 Table of Contents Introduction 3 Common Mobile Threats and the Affects on your Business 3 Vulnerable Legitimate Apps 3 Jailbreaking 4 Outdated OS 4 Malware and Malicious Apps 4 Compromised Wi-Fi Hotspots 5 Phishing 5 Threat Correlation 5 Solution: A Multi-level Predictive Approach to Security 6 Conclusion 7
THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 3 Introduction Mobile attacks, which were rare only a few years ago, are growing exponentially, and they are in many ways different from those in a PC-world. This whitepaper highlights these differences, explains in detail six common mobile threats and discusses the merits and limitations of the security solutions available today. There are two main reasons for the rampant growth in mobile attacks: firstly your employees’ insecure mobile devices can be exploited to gain access into your corporate network; secondly and more importantly, compromising the mobile device itself can be highly lucrative for cyber criminals. It is likely that your organization is already victim of multiple instances of stealing data, intercepting requests or gaining control over individual mobile devices. It is also likely that IT Administrators in your organization are unaware of such attacks. Individually each attack may not result in large financial and public relations costs, making them harder to detect and perhaps a lower priority to address. However, cumulatively they bear significant financial cost to your organization, and make it susceptible to further organized attacks in the future. Detecting and remediating these hidden mobile threats should be a priority for your organization. The mobile threat landscape has other unique characteristics that further complicate the challenge facing mobile security professionals: §§ Risky user behavior - Whether it’s the effect of Apple’s walled-garden approach, or the relative nascence of the mobile threat landscape, end users have a false sense of security when it comes to their mobile devices. Unsuspecting end users can grant apps widespread permissions and even provide root-level access by jailbreaking their phone, whilst relying on their device for sensitive tasks such as online banking. Employers need to educate their employees on these threats and provide best practices to prevent mobile attacks. A recent poll of over 2,000 end users, conducted by Wandera, uncovered that only 7% of employees have been given any form of security guidance on using apps and smartphones in general. §§ Threat from mobile applications – Over 75% of popular apps on iOS and Android official stores can access user data and 29% of these legitimate apps leak data inadvertently or even purposefully by sharing the data with ad networks . The sheer volume of apps downloaded makes it easy for malicious apps to get on the device. Research shows that 24% of IT professionals have seen malware on work smartphones. §§ Business and personal on one device – 70% of employees access corporate data from a personal smartphone or tablet. The security challenge of protecting corporate data is not limited to BYOD devices. Employees are using corporate-owned devices for personal use and want control over the device. §§ New types of threats – Mobile devices are open to completely new types of attacks. For example, criminals use malicious mobile apps to send text messages to premium mobile phone numbers or take control of infected devices. §§ Threats are highly correlated - A mobile device with malware or other vulnerabilities is significantly more likely to suffer from other mobile attacks. This results in exponentially growing risks and associated costs for your organization. Let’s now look at six common mobile threats, and the risks they pose to your organization. Common Mobile Threats and the Affects on your Business Vulnerable Legitimate Apps Mobile users face significant threats from legitimate apps that are downloaded from official app stores. Over 75% of the top iOS and Android apps have permissions to access user data . Poor programming often results in apps inadvertently leaking this sensitive user information. They do this by passing plain-text data in transport or storing data on the device without the necessary security measures. Gartner has predicted that by 2017, 75% of mobile security breaches will be the result of mobile application misconfigurations. Since advertising is a primary source of revenue for most free and even paid apps, data is also often shared with ad networks.
THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 4 As an example of a vulnerable legitimate app, a recent version of the popular Starbucks iOS app, which is used to make payments and accrue rewards, transmitted user data in the clear. It exposed customers’ usernames, e-mail addresses, passwords, and certain location data. Similarly, research done in January 2014 by IO Active Labs discovered that, of the 40 home banking apps from the top banks in the world, 20% were vulnerable to man-in-the-middle (MiTM) attacks and 40% leaked sensitive information like activation codes through plain-text requests, or exposing data through the device logs. These results were surprising 75% of mobile security breaches will be the result of mobile application misconfigurations according to Gartner given the size and resources of the financial institutions and the focus from cyber criminals on mobile banking malware. Jailbreaking It is never safe to have a jailbroken device in your corporate network. Jailbreaking, or rooting is the process of removing the security limitations imposed by the Operating System vendor. Jailbreaking permits root access to the OS file system allowing the download of applications, which are not permitted through the official app stores. Jailbreaking also provides all apps, including malicious ones, with access to data owned by other applications. End users often jailbreak a device in order to gain access to a capability or app that is not officially supported, or to unlock their phone so that it can be used with other carriers. It is possible that the employee may not even know that their device has been jailbroken. As an example, Pangu is a jailbreak for iOS 7.1 that uses an expired enterprise certificate, and can potentially be injected without the user’s knowledge. Outdated OS In the cat and mouse game of OS vendor patching of known vulnerabilities whilst hackers race to exploit them, a device running an outdated OS is by definition vulnerable and presents a significant risk of being compromised. There are more than 11,000 different combinations of Android devices and Android Operating Systems in existence. This fragmentation creates a management headache and a security issue whereby many devices remain with outdated OSs. This is also a challenge on the iOS platform. Evidence suggests that 24% of iPhone users were on an older OS, even 5 months after the release of the new iOS7 . In an enterprise setting, IT departments sometimes choose to implement a phased approach to OS upgrades for their mobile device fleets to keep in step with releases to their MDMs and this staggered approach also creates devices with outdated OSs. Malware and Malicious Apps Mobile malware is malicious software designed to steal personal information stored on the 55% of adults use the device or gain control over the device. Most mobile malware spreads via malicious apps same password for that persist on the device and gain extensive permissions. most web services Google’s Android platform is most vulnerable to malware due to the level of control the platform provides developers and the ability to download apps from 3rd party stores that are not vetted by Google. However, the iOS platform is not completely worry-free either. For example, a flaw found recently in Apple’s iOS allowed hackers to intercept email and other communications that were meant to be encrypted. Other techniques that hackers employ on the iOS platform are malicious profiles or rogue certificates. A malicious profile can overwrite system functionality such as MDM software or mobile carrier settings, and be used to bypass various security measures and potentially intercept all data packets. Hackers can also gain access to a developer certificate or enterprise certificate, allowing a malicious app to be installed directly without going through Apple’s app store. Finally, as discussed earlier, a jailbroken iOS device removes all the security limitations imposed by Apple making it extremely vulnerable to malware attacks. The top categories in mobile malware include: §§ Premium Service Abuser – Sends text messages to premium mobile phone numbers, racking up unauthorized charges. §§ Information Theft – Similar to adware and some legitimate apps, this type of malware leaks sensitive information. The intent is almost always to find sensitive information that can be sold or exploited for other attacks such as phishing or mobile banking fraud. §§ Malicious Downloader – Downloads malicious apps and files, its main objective is to download more malware. Numerous malicious apps contain multiple types of threats and mechanisms for spreading. As an example, a Trojan named Obad sends messages to premium rate numbers, downloads and installs other malware, and uses Bluetooth to install itself on other devices.
THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 5 Compromised Wi-Fi Hotspots With over 5.8 million hotspots expected by the end of 2015 , free Wi-Fi has become ubiquitous and convenient, but also a prime target for exploitation. The attacker may create a spoofed Wi-Fi network (e.g. ‘Free-Starbucks’) or simply connect to the same legitimate Wi-Fi that the victim is using with tools like Droidsheep. Either way all communications end up passing through the attacker-controlled network device. They can easily intercept passwords, credit card details and other sensitive information that can lead to identity theft, financial compromises or access to your corporate network. Even websites with SSL encryption are not bulletproof. Hackers can modify the encrypted (SSL) network’s communication by using spoofed certificates, or by downgrading the communication link, so that it’s un-encrypted and completely open to the attacker. In these scenarios any data such as email passwords, banking details and other valuable information can be intercepted and stolen. In a recent poll conducted by Ofcom, it was discovered that 55% of adults used the same password for most web services. This is an important aspect of user behavior. Even if hackers exploit just a single innocuous site or app, it will provide them with access to multiple other high value assets. Phishing Phishing is one of the oldest means of Internet attack. Authentic-looking emails or websites are presented on the device, and vulnerable users are deceived into volunteering sensitive information such as their as username, password and credit number to the hackers. Smartphone users are three times more likely to share their various account login and password credentials on malicious phishing sites . This is due to the fact that users are constantly checking email accounts on their mobile device, often multi-tasking and so not paying full attention. Furthermore the mobile device screen real estate is too small for users to accurately determine the legitimacy of a URL. On mobile, phishing attempts can be delivered over SMS as well as email. In addition to fake websites, employees are also being targeted by apps designed to impersonate popular apps. A type of phishing attack known as spear-phishing targets specific organizations to gain unauthorized access to confidential data, rather than a generic phishing attempt to large group of people. The larger the organization, the greater the risk of a spear-phishing attack. One in 2.3 companies with over 2,500 employees were targeted in at least one spear-phishing attempt, whereas one in five small or medium businesses were targeted. Threat Correlation The compounding effect of mobile threats further stresses the need to proactively address these vulnerabilities before they reach an inflection point where impact and cost start to snowball. Unlike the PC-platform, mobile threats are highly correlated. A user with an infected device is more likely to suffer from other mobile attacks. This is often because: §§ Users who grant widespread permission to legitimate apps are most likely to download malicious apps. §§ Malicious apps generally exhibit multiple bad behaviors and are designed to spread to other devices by gaining access to the address book. §§ Jailbroken phones are more susceptible to malware. §§ A device with malware is most at risk of being exploited if there is a password or data leak by a legitimate app. §§ A user whose device leaks information like an email address is an easy target for phishing. Detecting and remediating these mobile threats should be a priority for your organization. The compounding effect of mobile threats further stresses the need to proactively address these vulnerabilities before they reach an inflection point where impact and cost start to snowball.
THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 6 Solution: A Multi-level Predictive Approach to Security We have addressed the challenges to businesses when it comes to mobile security in detail. Now let’s discuss possible solutions. Several fragmented security solutions exist to address the different mobile threats that enterprises face today. App reputation lists provide information on the risks associated with apps on your employees’ devices. However, with the constantly changing landscape of both mobile threats and the frequent updating of legitimate apps, a list-based approach has limitations in detecting the latest threats. Similarly, anti-virus (AV) solutions and malware scanners are reactive to the latest attacks and cannot adapt to the changing and interconnected threat landscape. App wrappers and enterprise app stores adopt a whitelist approach allowing employees to only download pre-approved apps. These ‘locked-down’ solutions are typically not feasible for BYOD devices. Employees also expect more control over corporate-owned devices and a whitelist approach can result in a negative experience. On average, smartphone users are downloading 15 apps each quarter . Not all apps are compatible with these approaches and it’s inefficient to maintain lists that require IT managers to decide what apps to approve and go through manual steps to add and remove those apps. Secure containers that provide full auditing and true SSO are quite effective in protecting some corporate data, but do not provide any protection outside of the container and typically also result in a negative user experience. With weaknesses evident in current solutions, the most effective security solutions today should utilize algorithms to detect patterns that signal malicious or risky behavior. Wandera Secure offers such a predictive solution, with two key differentiators that ensure the most comprehensive and reliable threat detection: §§ Multi-level: Wandera’s cloud gateway sits in the path of mobile data in between employee devices and the Internet, and scans all the data in the network in real time. This data is combined with heartbeats (device configurations, apps, events and logs) from the mobile device as well as databases of malicious sites and rogue apps. This approach provides maximum visibility into various type of malware, risks and data leaks. §§ Correlation: Wandera’s proprietary algorithms correlate data processed from these multiple sources to determine severity and deliver a recommended remediation plan for each identified threat. Machine learning is an important aspect of data processing, as it allows for the detection of unanticipated correlations, which are predictive of malicious or risky behavior. It also identifies and signals outliers and anomalies. Let’s take a look at concrete examples where data from the network and on the device are correlated in order to identify malicious behavior: §§ Malware: Anomalous behavior such as launch of a backdoor VPN to a suspect IP address is detected on a device. In parallel, network traffic identifies a specific app being used at the time, and correlates these two incidents to identify the app as malicious. §§ Leaky apps: Multiple data leak attributes can be detected such as password, userid, corporate email, geolocation, credit card, social security number, date of birth, contact book upload, and device UDID. §§ Outdated OS: Records the Operating System version on the device intermittently. You can set policies that prohibit or restrict network access as well as actively monitoring the device and the network for known vulnerabilities specific to the version of the Operating System on the device.
THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 7 Conclusion To summarize, we have reviewed in detail the cost and impact of new mobile device attacks, with an analysis of the unique characteristics of the emerging threat landscape. We have gone on to describe six commonly used mobile threats and considered the impact on today’s interconnected and always-on organizations from these hidden risks. Your organization faces a real risk from hackers stealing data or gaining control over employee mobile devices. Preventing these attacks should be a top priority, however we can see they present a unique set of challenges. This paper has investigated the impacts and interdependencies of threat correlations, which can reach an inflection point and snowball, causing very significant damage to your company, its staff and its reputation. Lastly we have looked at the rigid security solutions available in today’s market to combat these threats and advocated a security solution that is multi-level (looking at multiple data sources) and also relies on correlation technologies (to identify increasingly complex threats). These two approaches should be incorporated as standard for any mobile security solution to be able to combat the evolving, high impact and hidden threats in today’s mobile environments. About Wandera Wandera is the world’s first Mobile Data Gateway, ensuring a secure and productive mobile Internet experience for businesses. Founded in 2012 and headquartered in San Francisco and London, Wandera is backed by leading venture capitalists Bessemer Venture Partners. For more information visit www.wandera.com Wandera US 180 Sansome Street, San Francisco, CA 94104 T +1 (415) 275 0636 E info@wandera.com Wandera UK 55 Bryanston Street, London, W1H 7AA T +44 (0) 203 301 2660 E info@wandera.com

Recommandé

Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile security
Kavita Rastogi
 
BETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSBETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoS
Purna Bhat
 
OS-Project-Report-Team-8
OS-Project-Report-Team-8OS-Project-Report-Team-8
OS-Project-Report-Team-8
shriram suryanarayanan
 
Pocket virus threat
Pocket virus threatPocket virus threat
Pocket virus threat
Ali J
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile Security
Tharaka Mahadewa
 
2012 nq mobile_security_report
2012 nq mobile_security_report2012 nq mobile_security_report
2012 nq mobile_security_report
Isnur Rochmad
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
EMC
 
Security News bytes October 2013
Security News bytes October 2013Security News bytes October 2013
Security News bytes October 2013
n|u - The Open Security Community
 

Recommandé

Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile security
Kavita Rastogi
 
BETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSBETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoS
Purna Bhat
 
OS-Project-Report-Team-8
OS-Project-Report-Team-8OS-Project-Report-Team-8
OS-Project-Report-Team-8
shriram suryanarayanan
 
Pocket virus threat
Pocket virus threatPocket virus threat
Pocket virus threat
Ali J
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile Security
Tharaka Mahadewa
 
2012 nq mobile_security_report
2012 nq mobile_security_report2012 nq mobile_security_report
2012 nq mobile_security_report
Isnur Rochmad
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
EMC
 
Security News bytes October 2013
Security News bytes October 2013Security News bytes October 2013
Security News bytes October 2013
n|u - The Open Security Community
 
Blue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware ReportBlue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware Report
Content Rules, Inc.
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
SHOLOVE INTERNATIONAL LLC
 
2015 Cybersecurity Predictions
2015 Cybersecurity Predictions2015 Cybersecurity Predictions
2015 Cybersecurity Predictions
Lookout
 
10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware
SytelReplyUK
 
Mobile security
Mobile securityMobile security
Mobile security
home
 
New trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileNew trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & Mobile
SISA Information Security Pvt.Ltd
 
Rapport X force 2014
Rapport X force 2014Rapport X force 2014
Rapport X force 2014
Patrick Bouillaud
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
Tyler Shields
 
Feds: You have a BYOD program whether you like it or not
Feds: You have a BYOD program whether you like it or notFeds: You have a BYOD program whether you like it or not
Feds: You have a BYOD program whether you like it or not
Lookout
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01
ijmnct
 
Trojan horseofbyod2
Trojan horseofbyod2Trojan horseofbyod2
Trojan horseofbyod2
Stephanie Vanroelen
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware product
GFI Software
 
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0
Javier Gonzalez
 
Report on Rogue Security Software: a summary
Report on Rogue Security Software: a summaryReport on Rogue Security Software: a summary
Report on Rogue Security Software: a summary
Symantec Italia
 
220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?
Spire Research and Consulting
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
Icomm Technologies
 
A Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCA Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDC
Microsoft Asia
 
Rpt repeating-history
Rpt repeating-historyRpt repeating-history
Rpt repeating-history
Anatoliy Tkachev
 
5 Ways to Protect your Mobile Security
5 Ways to Protect your Mobile Security5 Ways to Protect your Mobile Security
5 Ways to Protect your Mobile Security
Lookout
 
Sec 270 02 sect 01v1
Sec 270 02 sect 01v1Sec 270 02 sect 01v1
Sec 270 02 sect 01v1
wchend
 
Six Sigma For Managers 185
Six Sigma For Managers 185Six Sigma For Managers 185
Six Sigma For Managers 185
Anjoum .
 
Tbc career meeting 02 2012 linked in-1
Tbc career meeting 02 2012 linked in-1Tbc career meeting 02 2012 linked in-1
Tbc career meeting 02 2012 linked in-1
wchend
 

Contenu connexe

Tendances

Blue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware ReportBlue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware Report
Content Rules, Inc.
 
2015 Cybersecurity Predictions
2015 Cybersecurity Predictions2015 Cybersecurity Predictions
2015 Cybersecurity Predictions
Lookout
 
10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware
SytelReplyUK
 
Mobile security
Mobile securityMobile security
Mobile security
home
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
Tyler Shields
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01
ijmnct
 
A Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCA Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDC
Microsoft Asia
 

Tendances (19)

Blue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware ReportBlue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware Report
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
2015 Cybersecurity Predictions
2015 Cybersecurity Predictions2015 Cybersecurity Predictions
2015 Cybersecurity Predictions
 
10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware
 
Mobile security
Mobile securityMobile security
Mobile security
 
New trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileNew trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & Mobile
 
Rapport X force 2014
Rapport X force 2014Rapport X force 2014
Rapport X force 2014
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
 
Feds: You have a BYOD program whether you like it or not
Feds: You have a BYOD program whether you like it or notFeds: You have a BYOD program whether you like it or not
Feds: You have a BYOD program whether you like it or not
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01
 
Trojan horseofbyod2
Trojan horseofbyod2Trojan horseofbyod2
Trojan horseofbyod2
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware product
 
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0
 
Report on Rogue Security Software: a summary
Report on Rogue Security Software: a summaryReport on Rogue Security Software: a summary
Report on Rogue Security Software: a summary
 
220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
 
A Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCA Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDC
 
Rpt repeating-history
Rpt repeating-historyRpt repeating-history
Rpt repeating-history
 
5 Ways to Protect your Mobile Security
5 Ways to Protect your Mobile Security5 Ways to Protect your Mobile Security
5 Ways to Protect your Mobile Security
 

En vedette

Sec 270 02 sect 01v1
Sec 270 02 sect 01v1Sec 270 02 sect 01v1
Sec 270 02 sect 01v1
wchend
 
Six Sigma For Managers 185
Six Sigma For Managers 185Six Sigma For Managers 185
Six Sigma For Managers 185
Anjoum .
 
Tbc career meeting 02 2012 linked in-1
Tbc career meeting 02 2012 linked in-1Tbc career meeting 02 2012 linked in-1
Tbc career meeting 02 2012 linked in-1
wchend
 
Sec 270 02 sect 01av1
Sec 270 02 sect 01av1Sec 270 02 sect 01av1
Sec 270 02 sect 01av1
wchend
 
Tbc career meeting 02 2012 linked in-2
Tbc career meeting 02 2012 linked in-2Tbc career meeting 02 2012 linked in-2
Tbc career meeting 02 2012 linked in-2
wchend
 
Slideshare Bedrijfspresentatie Connect It V1.0
Slideshare Bedrijfspresentatie Connect It V1.0Slideshare Bedrijfspresentatie Connect It V1.0
Slideshare Bedrijfspresentatie Connect It V1.0
prijke
 
提高扩展能力的常用模式——黄东
提高扩展能力的常用模式——黄东提高扩展能力的常用模式——黄东
提高扩展能力的常用模式——黄东
programmermag
 
Business Excellence
Business ExcellenceBusiness Excellence
Business Excellence
Anjoum .
 

En vedette (9)

Sec 270 02 sect 01v1
Sec 270 02 sect 01v1Sec 270 02 sect 01v1
Sec 270 02 sect 01v1
 
Six Sigma For Managers 185
Six Sigma For Managers 185Six Sigma For Managers 185
Six Sigma For Managers 185
 
Tbc career meeting 02 2012 linked in-1
Tbc career meeting 02 2012 linked in-1Tbc career meeting 02 2012 linked in-1
Tbc career meeting 02 2012 linked in-1
 
Sec 270 02 sect 01av1
Sec 270 02 sect 01av1Sec 270 02 sect 01av1
Sec 270 02 sect 01av1
 
Tbc career meeting 02 2012 linked in-2
Tbc career meeting 02 2012 linked in-2Tbc career meeting 02 2012 linked in-2
Tbc career meeting 02 2012 linked in-2
 
Slideshare Bedrijfspresentatie Connect It V1.0
Slideshare Bedrijfspresentatie Connect It V1.0Slideshare Bedrijfspresentatie Connect It V1.0
Slideshare Bedrijfspresentatie Connect It V1.0
 
提高扩展能力的常用模式——黄东
提高扩展能力的常用模式——黄东提高扩展能力的常用模式——黄东
提高扩展能力的常用模式——黄东
 
All
AllAll
All
 
Business Excellence
Business ExcellenceBusiness Excellence
Business Excellence
 

Similaire à Evolutionand impactofhiddenmobilethreats wandera

CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfCASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
kostikjaylonshaewe47
 
Whitepaper - CISO Guide_6pp
Whitepaper - CISO Guide_6ppWhitepaper - CISO Guide_6pp
Whitepaper - CISO Guide_6pp
Eric Zhuo
 
Challenges in Testing Mobile App Security
Challenges in Testing Mobile App SecurityChallenges in Testing Mobile App Security
Challenges in Testing Mobile App Security
Cygnet Infotech
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014
Joseph White MPA CPM
 
Securing mobile devices in the business environment
Securing mobile devices in the business environmentSecuring mobile devices in the business environment
Securing mobile devices in the business environment
IBM Software India
 
Ms810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesMs810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devices
rebelreg
 

Similaire à Evolutionand impactofhiddenmobilethreats wandera (20)

CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfCASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
 
Whitepaper - CISO Guide_6pp
Whitepaper - CISO Guide_6ppWhitepaper - CISO Guide_6pp
Whitepaper - CISO Guide_6pp
 
Challenges in Testing Mobile App Security
Challenges in Testing Mobile App SecurityChallenges in Testing Mobile App Security
Challenges in Testing Mobile App Security
 
Unicom Conference - Mobile Application Security
Unicom Conference - Mobile Application SecurityUnicom Conference - Mobile Application Security
Unicom Conference - Mobile Application Security
 
Mobile security article
Mobile security articleMobile security article
Mobile security article
 
How to Build Secure Mobile Apps.pdf
How to Build Secure Mobile Apps.pdfHow to Build Secure Mobile Apps.pdf
How to Build Secure Mobile Apps.pdf
 
Top 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSTop 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOS
 
Mobile Application Security
Mobile Application Security Mobile Application Security
Mobile Application Security
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats Report
 
State ofmobilesecurity
State ofmobilesecurityState ofmobilesecurity
State ofmobilesecurity
 
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comMobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
 
HinDroid
HinDroidHinDroid
HinDroid
 
Cn35499502
Cn35499502Cn35499502
Cn35499502
 
Mobile App Security Best Practices Protecting User Data.pdf
Mobile App Security Best Practices Protecting User Data.pdfMobile App Security Best Practices Protecting User Data.pdf
Mobile App Security Best Practices Protecting User Data.pdf
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014
 
Securing mobile devices in the business environment
Securing mobile devices in the business environmentSecuring mobile devices in the business environment
Securing mobile devices in the business environment
 
Cybersecurity - Poland.pdf
Cybersecurity - Poland.pdfCybersecurity - Poland.pdf
Cybersecurity - Poland.pdf
 
Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest Version
 
Smartphone
SmartphoneSmartphone
Smartphone
 
Ms810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesMs810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devices
 

Plus de Anjoum .

Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_toolsEma report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Anjoum .
 
Business Excellence
Business ExcellenceBusiness Excellence
Business Excellence
Anjoum .
 

Plus de Anjoum . (6)

Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_toolsEma report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
 
Labtech 0013-service desk-best_practices
Labtech 0013-service desk-best_practicesLabtech 0013-service desk-best_practices
Labtech 0013-service desk-best_practices
 
10 mistakes managers make managing people
10 mistakes managers make managing people10 mistakes managers make managing people
10 mistakes managers make managing people
 
Istr19 en
Istr19 enIstr19 en
Istr19 en
 
Business Excellence
Business ExcellenceBusiness Excellence
Business Excellence
 
Cloud Computing Ppt
Cloud Computing PptCloud Computing Ppt
Cloud Computing Ppt
 

Dernier

BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
Delhi Call girls
 
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
nishacall1
 
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCRFULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
nishacall1
 
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Cara Menggugurkan Kandungan 087776558899
 

Dernier (6)

BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
 
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
 
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost LoverPowerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
 
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCRFULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
 
Leading Mobile App Development Companies in India (2).pdf
Leading Mobile App Development Companies in India (2).pdfLeading Mobile App Development Companies in India (2).pdf
Leading Mobile App Development Companies in India (2).pdf
 
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
 

Evolutionand impactofhiddenmobilethreats wandera

  • 1. The Evolution and Impact of Hidden Mobile Threats: Why Your Organization Needs a Multi-Level Security Solution
  • 2. THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 2 Table of Contents Introduction 3 Common Mobile Threats and the Affects on your Business 3 Vulnerable Legitimate Apps 3 Jailbreaking 4 Outdated OS 4 Malware and Malicious Apps 4 Compromised Wi-Fi Hotspots 5 Phishing 5 Threat Correlation 5 Solution: A Multi-level Predictive Approach to Security 6 Conclusion 7
  • 3. THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 3 Introduction Mobile attacks, which were rare only a few years ago, are growing exponentially, and they are in many ways different from those in a PC-world. This whitepaper highlights these differences, explains in detail six common mobile threats and discusses the merits and limitations of the security solutions available today. There are two main reasons for the rampant growth in mobile attacks: firstly your employees’ insecure mobile devices can be exploited to gain access into your corporate network; secondly and more importantly, compromising the mobile device itself can be highly lucrative for cyber criminals. It is likely that your organization is already victim of multiple instances of stealing data, intercepting requests or gaining control over individual mobile devices. It is also likely that IT Administrators in your organization are unaware of such attacks. Individually each attack may not result in large financial and public relations costs, making them harder to detect and perhaps a lower priority to address. However, cumulatively they bear significant financial cost to your organization, and make it susceptible to further organized attacks in the future. Detecting and remediating these hidden mobile threats should be a priority for your organization. The mobile threat landscape has other unique characteristics that further complicate the challenge facing mobile security professionals: §§ Risky user behavior - Whether it’s the effect of Apple’s walled-garden approach, or the relative nascence of the mobile threat landscape, end users have a false sense of security when it comes to their mobile devices. Unsuspecting end users can grant apps widespread permissions and even provide root-level access by jailbreaking their phone, whilst relying on their device for sensitive tasks such as online banking. Employers need to educate their employees on these threats and provide best practices to prevent mobile attacks. A recent poll of over 2,000 end users, conducted by Wandera, uncovered that only 7% of employees have been given any form of security guidance on using apps and smartphones in general. §§ Threat from mobile applications – Over 75% of popular apps on iOS and Android official stores can access user data and 29% of these legitimate apps leak data inadvertently or even purposefully by sharing the data with ad networks . The sheer volume of apps downloaded makes it easy for malicious apps to get on the device. Research shows that 24% of IT professionals have seen malware on work smartphones. §§ Business and personal on one device – 70% of employees access corporate data from a personal smartphone or tablet. The security challenge of protecting corporate data is not limited to BYOD devices. Employees are using corporate-owned devices for personal use and want control over the device. §§ New types of threats – Mobile devices are open to completely new types of attacks. For example, criminals use malicious mobile apps to send text messages to premium mobile phone numbers or take control of infected devices. §§ Threats are highly correlated - A mobile device with malware or other vulnerabilities is significantly more likely to suffer from other mobile attacks. This results in exponentially growing risks and associated costs for your organization. Let’s now look at six common mobile threats, and the risks they pose to your organization. Common Mobile Threats and the Affects on your Business Vulnerable Legitimate Apps Mobile users face significant threats from legitimate apps that are downloaded from official app stores. Over 75% of the top iOS and Android apps have permissions to access user data . Poor programming often results in apps inadvertently leaking this sensitive user information. They do this by passing plain-text data in transport or storing data on the device without the necessary security measures. Gartner has predicted that by 2017, 75% of mobile security breaches will be the result of mobile application misconfigurations. Since advertising is a primary source of revenue for most free and even paid apps, data is also often shared with ad networks.
  • 4. THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 4 As an example of a vulnerable legitimate app, a recent version of the popular Starbucks iOS app, which is used to make payments and accrue rewards, transmitted user data in the clear. It exposed customers’ usernames, e-mail addresses, passwords, and certain location data. Similarly, research done in January 2014 by IO Active Labs discovered that, of the 40 home banking apps from the top banks in the world, 20% were vulnerable to man-in-the-middle (MiTM) attacks and 40% leaked sensitive information like activation codes through plain-text requests, or exposing data through the device logs. These results were surprising 75% of mobile security breaches will be the result of mobile application misconfigurations according to Gartner given the size and resources of the financial institutions and the focus from cyber criminals on mobile banking malware. Jailbreaking It is never safe to have a jailbroken device in your corporate network. Jailbreaking, or rooting is the process of removing the security limitations imposed by the Operating System vendor. Jailbreaking permits root access to the OS file system allowing the download of applications, which are not permitted through the official app stores. Jailbreaking also provides all apps, including malicious ones, with access to data owned by other applications. End users often jailbreak a device in order to gain access to a capability or app that is not officially supported, or to unlock their phone so that it can be used with other carriers. It is possible that the employee may not even know that their device has been jailbroken. As an example, Pangu is a jailbreak for iOS 7.1 that uses an expired enterprise certificate, and can potentially be injected without the user’s knowledge. Outdated OS In the cat and mouse game of OS vendor patching of known vulnerabilities whilst hackers race to exploit them, a device running an outdated OS is by definition vulnerable and presents a significant risk of being compromised. There are more than 11,000 different combinations of Android devices and Android Operating Systems in existence. This fragmentation creates a management headache and a security issue whereby many devices remain with outdated OSs. This is also a challenge on the iOS platform. Evidence suggests that 24% of iPhone users were on an older OS, even 5 months after the release of the new iOS7 . In an enterprise setting, IT departments sometimes choose to implement a phased approach to OS upgrades for their mobile device fleets to keep in step with releases to their MDMs and this staggered approach also creates devices with outdated OSs. Malware and Malicious Apps Mobile malware is malicious software designed to steal personal information stored on the 55% of adults use the device or gain control over the device. Most mobile malware spreads via malicious apps same password for that persist on the device and gain extensive permissions. most web services Google’s Android platform is most vulnerable to malware due to the level of control the platform provides developers and the ability to download apps from 3rd party stores that are not vetted by Google. However, the iOS platform is not completely worry-free either. For example, a flaw found recently in Apple’s iOS allowed hackers to intercept email and other communications that were meant to be encrypted. Other techniques that hackers employ on the iOS platform are malicious profiles or rogue certificates. A malicious profile can overwrite system functionality such as MDM software or mobile carrier settings, and be used to bypass various security measures and potentially intercept all data packets. Hackers can also gain access to a developer certificate or enterprise certificate, allowing a malicious app to be installed directly without going through Apple’s app store. Finally, as discussed earlier, a jailbroken iOS device removes all the security limitations imposed by Apple making it extremely vulnerable to malware attacks. The top categories in mobile malware include: §§ Premium Service Abuser – Sends text messages to premium mobile phone numbers, racking up unauthorized charges. §§ Information Theft – Similar to adware and some legitimate apps, this type of malware leaks sensitive information. The intent is almost always to find sensitive information that can be sold or exploited for other attacks such as phishing or mobile banking fraud. §§ Malicious Downloader – Downloads malicious apps and files, its main objective is to download more malware. Numerous malicious apps contain multiple types of threats and mechanisms for spreading. As an example, a Trojan named Obad sends messages to premium rate numbers, downloads and installs other malware, and uses Bluetooth to install itself on other devices.
  • 5. THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 5 Compromised Wi-Fi Hotspots With over 5.8 million hotspots expected by the end of 2015 , free Wi-Fi has become ubiquitous and convenient, but also a prime target for exploitation. The attacker may create a spoofed Wi-Fi network (e.g. ‘Free-Starbucks’) or simply connect to the same legitimate Wi-Fi that the victim is using with tools like Droidsheep. Either way all communications end up passing through the attacker-controlled network device. They can easily intercept passwords, credit card details and other sensitive information that can lead to identity theft, financial compromises or access to your corporate network. Even websites with SSL encryption are not bulletproof. Hackers can modify the encrypted (SSL) network’s communication by using spoofed certificates, or by downgrading the communication link, so that it’s un-encrypted and completely open to the attacker. In these scenarios any data such as email passwords, banking details and other valuable information can be intercepted and stolen. In a recent poll conducted by Ofcom, it was discovered that 55% of adults used the same password for most web services. This is an important aspect of user behavior. Even if hackers exploit just a single innocuous site or app, it will provide them with access to multiple other high value assets. Phishing Phishing is one of the oldest means of Internet attack. Authentic-looking emails or websites are presented on the device, and vulnerable users are deceived into volunteering sensitive information such as their as username, password and credit number to the hackers. Smartphone users are three times more likely to share their various account login and password credentials on malicious phishing sites . This is due to the fact that users are constantly checking email accounts on their mobile device, often multi-tasking and so not paying full attention. Furthermore the mobile device screen real estate is too small for users to accurately determine the legitimacy of a URL. On mobile, phishing attempts can be delivered over SMS as well as email. In addition to fake websites, employees are also being targeted by apps designed to impersonate popular apps. A type of phishing attack known as spear-phishing targets specific organizations to gain unauthorized access to confidential data, rather than a generic phishing attempt to large group of people. The larger the organization, the greater the risk of a spear-phishing attack. One in 2.3 companies with over 2,500 employees were targeted in at least one spear-phishing attempt, whereas one in five small or medium businesses were targeted. Threat Correlation The compounding effect of mobile threats further stresses the need to proactively address these vulnerabilities before they reach an inflection point where impact and cost start to snowball. Unlike the PC-platform, mobile threats are highly correlated. A user with an infected device is more likely to suffer from other mobile attacks. This is often because: §§ Users who grant widespread permission to legitimate apps are most likely to download malicious apps. §§ Malicious apps generally exhibit multiple bad behaviors and are designed to spread to other devices by gaining access to the address book. §§ Jailbroken phones are more susceptible to malware. §§ A device with malware is most at risk of being exploited if there is a password or data leak by a legitimate app. §§ A user whose device leaks information like an email address is an easy target for phishing. Detecting and remediating these mobile threats should be a priority for your organization. The compounding effect of mobile threats further stresses the need to proactively address these vulnerabilities before they reach an inflection point where impact and cost start to snowball.
  • 6. THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 6 Solution: A Multi-level Predictive Approach to Security We have addressed the challenges to businesses when it comes to mobile security in detail. Now let’s discuss possible solutions. Several fragmented security solutions exist to address the different mobile threats that enterprises face today. App reputation lists provide information on the risks associated with apps on your employees’ devices. However, with the constantly changing landscape of both mobile threats and the frequent updating of legitimate apps, a list-based approach has limitations in detecting the latest threats. Similarly, anti-virus (AV) solutions and malware scanners are reactive to the latest attacks and cannot adapt to the changing and interconnected threat landscape. App wrappers and enterprise app stores adopt a whitelist approach allowing employees to only download pre-approved apps. These ‘locked-down’ solutions are typically not feasible for BYOD devices. Employees also expect more control over corporate-owned devices and a whitelist approach can result in a negative experience. On average, smartphone users are downloading 15 apps each quarter . Not all apps are compatible with these approaches and it’s inefficient to maintain lists that require IT managers to decide what apps to approve and go through manual steps to add and remove those apps. Secure containers that provide full auditing and true SSO are quite effective in protecting some corporate data, but do not provide any protection outside of the container and typically also result in a negative user experience. With weaknesses evident in current solutions, the most effective security solutions today should utilize algorithms to detect patterns that signal malicious or risky behavior. Wandera Secure offers such a predictive solution, with two key differentiators that ensure the most comprehensive and reliable threat detection: §§ Multi-level: Wandera’s cloud gateway sits in the path of mobile data in between employee devices and the Internet, and scans all the data in the network in real time. This data is combined with heartbeats (device configurations, apps, events and logs) from the mobile device as well as databases of malicious sites and rogue apps. This approach provides maximum visibility into various type of malware, risks and data leaks. §§ Correlation: Wandera’s proprietary algorithms correlate data processed from these multiple sources to determine severity and deliver a recommended remediation plan for each identified threat. Machine learning is an important aspect of data processing, as it allows for the detection of unanticipated correlations, which are predictive of malicious or risky behavior. It also identifies and signals outliers and anomalies. Let’s take a look at concrete examples where data from the network and on the device are correlated in order to identify malicious behavior: §§ Malware: Anomalous behavior such as launch of a backdoor VPN to a suspect IP address is detected on a device. In parallel, network traffic identifies a specific app being used at the time, and correlates these two incidents to identify the app as malicious. §§ Leaky apps: Multiple data leak attributes can be detected such as password, userid, corporate email, geolocation, credit card, social security number, date of birth, contact book upload, and device UDID. §§ Outdated OS: Records the Operating System version on the device intermittently. You can set policies that prohibit or restrict network access as well as actively monitoring the device and the network for known vulnerabilities specific to the version of the Operating System on the device.
  • 7. THE EVOLUTION AND IMPACT OF HIDDEN MOBILE THREATS: WHY YOUR ORGANIZATION NEEDS A MULTI-LEVEL SECURITY SOLUTION PAGE 7 Conclusion To summarize, we have reviewed in detail the cost and impact of new mobile device attacks, with an analysis of the unique characteristics of the emerging threat landscape. We have gone on to describe six commonly used mobile threats and considered the impact on today’s interconnected and always-on organizations from these hidden risks. Your organization faces a real risk from hackers stealing data or gaining control over employee mobile devices. Preventing these attacks should be a top priority, however we can see they present a unique set of challenges. This paper has investigated the impacts and interdependencies of threat correlations, which can reach an inflection point and snowball, causing very significant damage to your company, its staff and its reputation. Lastly we have looked at the rigid security solutions available in today’s market to combat these threats and advocated a security solution that is multi-level (looking at multiple data sources) and also relies on correlation technologies (to identify increasingly complex threats). These two approaches should be incorporated as standard for any mobile security solution to be able to combat the evolving, high impact and hidden threats in today’s mobile environments. About Wandera Wandera is the world’s first Mobile Data Gateway, ensuring a secure and productive mobile Internet experience for businesses. Founded in 2012 and headquartered in San Francisco and London, Wandera is backed by leading venture capitalists Bessemer Venture Partners. For more information visit www.wandera.com Wandera US 180 Sansome Street, San Francisco, CA 94104 T +1 (415) 275 0636 E info@wandera.com Wandera UK 55 Bryanston Street, London, W1H 7AA T +44 (0) 203 301 2660 E info@wandera.com