FEATURE: MOBILE MALWARE
Ian Jansen van Rensburg,
Senior Manager: Systems
Engineering, VMware
Jansen van Rensburg says: “Enterprise
data has gone mobile and yet, we
don’t see CIOs and CISOs protecting
mobile devices the way they do other
computers in the enterprise.”
Before proactively protecting your
organisation from the risks of mobile
malware, it’s important to know what
they are; as with any cyber threat,
awareness is key for protection and
prevention. At device level, Riaan
Badenhorst, General Manager at
Kaspersky Lab Africa explains that as
a result of a malware virus, users may
notice the device slowing down, the
presence of pop-ups, unwanted adverts,
redirection to suspicious websites with
harmful intent and in some cases the
device can stop working completely.
BeyondTrust’s Haber claims malware
on Android devices essentially becomes
a ‘spy’ for threat actors, giving them
the ability to log keystrokes and
capture the screen. These surveillance
techniques can allow attackers access to
confidential passwords, sensitive data
and insider company intel. At enterprise
level, Jansen van Rensburg lists the risks
of mobile malware as: bad publicity,
loss of business partners and new
and existing customers, disruption of
business operations, increased costs and
financial loss and litigation.
It’s important to remain aware of
the fact that every time an employee
connects a personal device to the
corporate network, it presents a new
and evolving challenge for the IT team
managing these devices. These devices
are not immune to the realities of
mobile malware infections and most
will carry business critical or sensitive
information. Badenhorst reminds CIOs
that as these devices become part
of the company infrastructure, they
present a potential entry point of choice
for attackers to infiltrate the business
and its servers and to gain
access to critical information.
Morton presents the following example
to demonstrate how easy it can be for
exploits to bypass your firewall using
mobile devices as an entry point: “Let
us use a corporate SharePoint as an
example. SharePoint can be accessed
on a laptop, but application developers
have now also created an iOS and
Android application. So, this gives
employees access to the corporate
SharePoint server behind your firewall.
What can go wrong?
“The risk lies with the end user
downloading the SharePoint
application. Instead of using the
Google Play store, the application now
gets downloaded from a third party
site. Although this application looks and
feels like the real SharePoint application,
exploits might have been built in
to capture corporate information,
or to imbed malicious content on a
document that now sits behind your
firewall, on the corporate network.”
Erhard Brand, Product
Owner, Entersekt
Challenges in combating mobile malware
Despite users’ best intentions, Brand
points out that occasionally mobile
devices will have malware applications
side-loaded on to them before they are
sold, meaning they are in a rooted state
on purchase. “It is possible to perform
certain device-level checks to determine
if a device is rooted,” Brand says. “While
a rooted status is not necessarily an
indication that a device has been
compromised, it does mean that it
would be a lot easier for malware to live
there without being detected. Knowing
the root status of a device informs the
user that their data might be at risk
and prompts organisations to take
precautionary measures.”
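As an added illustration (not from the article or from any vendor quoted in it), the sketch below runs the kind of device-level root checks Brand describes over a constructed device report. The report format, the indicator list and the policy actions are assumptions chosen for the example.

```python
import re

# Constructed sample report: Android `getprop` output plus paths seen on a device.
SAMPLE_GETPROP = """\
[ro.build.tags]: [test-keys]
[ro.debuggable]: [1]
[ro.secure]: [0]
[ro.product.model]: [ExamplePhone]
"""
SAMPLE_PATHS = ["/system/bin/sh", "/system/xbin/su", "/data/app/com.example.mail"]

# Locations where an su binary is commonly found on rooted builds.
SU_PATHS = {"/system/bin/su", "/system/xbin/su", "/sbin/su", "/su/bin/su"}
PROP_LINE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")

def parse_getprop(text):
    """Turn `[key]: [value]` lines into a dict, ignoring anything else."""
    props = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def root_indicators(props, paths):
    """Return the root indicators present. An empty list is not proof of a
    clean device, because root-hiding tools can mask all of these."""
    found = []
    if "test-keys" in props.get("ro.build.tags", ""):
        found.append("build signed with test keys")
    if props.get("ro.debuggable") == "1":
        found.append("ro.debuggable=1")
    if props.get("ro.secure") == "0":
        found.append("ro.secure=0")
    for p in sorted(SU_PATHS.intersection(paths)):
        found.append("su binary at " + p)
    return found

def posture(props, paths):
    """Map indicators to a precaution (hypothetical policy). Rooted is treated
    as elevated risk, not as confirmed compromise."""
    found = root_indicators(props, paths)
    if not found:
        action = "allow"
    elif any(f.startswith("su binary") for f in found):
        action = "block corporate access pending review"
    else:
        action = "restrict to low-sensitivity resources"
    return {"rooted_suspected": bool(found), "indicators": found, "action": action}
```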
Protecting different operating systems
is also a challenge for CIOs; Apple iOS
does not allow for antivirus solutions
and older EOL Apple iPhones and
iPads can no longer receive security
updates and should never be used on
the corporate network. Morton sees
protecting against mobile malware as a
four-fold challenge for CIOs:
Physical threat: This is the possibility of
physical loss or theft of a mobile device,
or of hackers gaining access to the device
and installing malicious software.
www.intelligentcio.com