Since the NHS was recently attacked with ransomware dubbed “WannaCry”, the internet has been awash with alerts for Windows users to ensure that all their computers are patched to the latest versions. Microsoft has even released updates for Windows XP machines, which have been unsupported for some time. While this attack didn’t specifically target Mobile IT, there are still a number of lessons that mobile users and administrators should take note of in order to ensure they are not the victims of the next attack.
• Android is a fragmented OS. While Google constantly develops updates to their mobile operating system, these updates need to be ratified and implemented by handset manufacturers, and then by carriers. Handset manufacturers have no real interest in developing for legacy handsets and tablets, and so quite often the patches don’t arrive at all for many models, and can take months for those that receive support.
• iOS updates can be forced through most MDM/EMM platforms these days, and administrators should periodically update their minimum supported version, and plan full lifecycles for their iOS devices. Even today, there are many iPhone 4s and 4Ss out there which cannot run iOS 10 and therefore pose a significant security risk to organisations that continue to employ them.
• Windows 10 uses a converged API set, so any future exploits that attack desktop/notebook platforms will be quite likely to propagate onto phones/tablets as well. While this has the potential to make future attacks more prolific, it also means that remedies are likely to be cross-platform as well.
Mobile Threat Prevention
The mobile threat landscape has more surfaces than before. Always-on radios provide attractive opportunities for hackers to intercept traffic with rogue Wi-Fi hotspots. Man-in-the-Middle (MitM) attacks allow seemingly trusted sources to deploy malicious payloads that users are more likely to accept on mobile than on any other device type. Deliberate mobile malware is no longer the only consideration, as the low barrier to entry for developers can lead to apps that leak data accidentally. Even experienced developers have been duped by SDK code injection, which infected otherwise benign apps. Many enterprises still believe that simple MDM provides sufficient protection, when in fact MDM is largely concerned with enforcing device policies, and not app reputation or traffic analysis. Off-device threats such as MitM attacks are often beyond the remit of such platforms, and many IT administrators have never had to deal with mobile-specific threats such as SMS phishing before.
If the NHS attacks have taught us anything, it is that patch management needs to incorporate all devices that have access to corporate information, not just the ones that operate within the LAN. IT departments need to realise that squeezing old IT assets is a false economy, and that legacy estate can be the route for exploitation. Hackers have always been inventive, and the proliferation of mobile IT devices has opened up some new attack vectors that many IT departments simply don’t consider when assessing threats.
CWSI can provide integrated solutions to protect mobile devices, the apps installed on them, the traffic that goes to and from them, and even SMS attacks. Talk to us today to see how we can wrap integrated security solutions to protect your Mobile IT fleet.