Mobile security – or lack of it – is the latest but fastest-growing vulnerability faced by enterprises worldwide. How we do business has changed and mobile threat prevention has finally come to the forefront of enterprise security concerns. 40% of employees of large enterprises use their personal devices for work as enterprises move more towards a Bring Your Own Device strategy. This can be a double-edged sword for enterprises as the device is the property of the employee and therefore cannot be remotely accessed by the enterprise and given security updates. Today, more than 90 percent of enterprises use third-party commercial applications for their mobile BYOD strategies.
Gartner predicts that by 2017, the focus of endpoint breaches will shift to tablets and smartphones and it recommends that enterprises focus on data protection on mobile devices through usable and efficient solutions. Mobile threat prevention is clearly not a topic to be taken lightly. And yet 56% of enterprises admit to being unlikely to be able detect a sophisticated threat.(EY)
Hacktivists and criminals rely on consumer and enterprise naivety with regard to smartphones in order to successfully achieve their hacking aims. Anti-virus software and network firewalls have long been seen as must-haves for laptops and PCs and yet cybercrime and the mobile threat to smartphones are not treated with the same sense of urgency. Enterprises are now beginning to realise that true risk management extends far beyond anti-virus when it comes to enterprise mobility management.
Smartphones face a diverse range of threats from two major sources:
1. Attacks from malware
“There was five times more OS X malware in 2015 than the previous five years combined.” (Wall Street Journal)
“75% of all apps fail basic security tests.” (Gartner)
Malware can breach a mobile device through an unsecure or fake WiFi network, a ‘leaky’ app, an IP redirect, malicious websites and endless other methods. Every year hackers and criminals get more resourceful at creating effective malware as the proceeds of the crime provides a slush fund to develop more complex ways to continue hacking.
Malware attacks such as MiTM (Man in the Middle) attacks can prove devastating for Enterprises. This type of insidious attack allows a remote user to gain absolute control of everything in your smartphone, and to see everything happening on your screen (yes – your passcode to get into your phone, your online banking data, your passwords, your work emails etc.). They can read, record and change all your files, even those you have protected. It’s a complete stranger rummaging around in your entire personal and business life with the ability to manipulate and record all of it – even transfer it across the internet to black market sellers and criminal gangs.
Other types of malware include:
Ransomware: which locks your mobile device down unless you enter card payment data which is sent on to criminals.
Crimeware: A vast array of malicious ways to attack your mobile device for the specific purpose of obtaining financial returns.
Spyware: Malware that seeks to record and transfer lots of your smartphone’s data to criminals. There is even spyware that can record audio in the vicinity which could be disastrous to a company’s share price or reputation if board meeting and private conversations got into the public domain.
2. Attacks exploiting operating system vulnerabilities:
“In 2014, there was a 188% increase in the number of Android vulnerabilities compared to 2011, while 262% increase in the number of iOS vulnerabilities compared to 2011.” (FireEye)
Some of the threats due to operating system vulnerabilities include:
- Rootkits that harvest corporate or personal data from a mobile device.
- iOS Masque Attacks that repack popular applications into malicious and fraudulent versions of apps for cybercrime.
- Malware that specifically targets iOS or Android devices such as HummingBad, xCodeGhost and Gooligan – all malware which have gained cult hacker status due to their unparalleled success in breaching mobile security worldwide in the last 2 years .
What is the solution?
Mobile threat prevention therefore is hugely important to Enterprise security and risk management. Gartner released in 2016 the ‘Market Guide for Mobile Threat Defense for 2016’ – the first guide of its kind. In that report, Gartner advised:
“…it is becoming increasingly important that security leaders look at the anti-malware, mobile threat defense solutions market, the products available and how they should be used.”
The Gartner report recommends Enterprises seek to protect their employees and their data by implementing key Mobile Threat Prevention (MTP) tools across four vectors:
- Device behavioral anomalies — MTP tools provide behavioral anomaly detection by tracking expected and acceptable use patterns.
- Vulnerability assessments — MTP tools inspect devices for configuration weaknesses that will lead to malware execution.
- Network security — MTP tools monitor network traffic and disable suspicious connections to and from mobile devices.
- App scans — MTP tools identify “leaky” apps (meaning apps that can put enterprise data at risk) and malicious apps, through reputation scanning and code analysis.
How can CWSI help?
CWSI has built strong partnerships with industry-leading security firms across the world. We can leverage our uniquely fortified position to offer your enterprise an extensive array of security products which deliver on the Mobile Threat Prevention mechanisms.
Our in-house team of vastly experienced security specialists can identify and mitigate threats specific to your industry and complete a full security review. We can package the right security solution to address the unique challenges faced by your particular enterprise in your industry according to your requirements.
Our dynamic solutions offer the security and trustworthiness that your customers and your business clients expect and deserve. If you are looking to keep your enterprise mobility strategy secure, contact CWSI today to discuss how we can deliver MTP for you.