FEATURE: MOBILE MALWARE
FEATURE:
of a potential target, the OS version of the
target (unless they have a zero-day attack
or social engineering exploit) and a delivery
mechanism (e.g. SMS, Google Play Store,
hijacked website).”
Michael Morton, Mobile Security Specialist at
Securicom, believes there are various reasons
for attackers to hone in on mobile devices.
These include the array of OS versions
available which make it more complex for IT
to manage and protect as well as the amount
and type of personal information that you
store on your phone – such as banking
applications with your financial information
and photographs and memories that you
don’t have backed up – the likes of which
allow attackers to feel fairly confident that a
victim will pay to get that information back.
Vulnerable verticals
Any industry that utilises mobile devices
opens themselves up to the risk of mobile
malware attacks but as Haber explains, the
verticals generally more prone to targeted
attacks are those who have ‘crown jewels’
that can be monetised or used for hacktivism.
This includes financial organisations,
governments and defence contractors.
58
INTELLIGENTCIO
//////////////////////////////////////////////////////////////////////////
Similarly, Morton highlights that the mobile
applications most likely to be targeted are
those which have the potential to obtain
information or cause harm, including
DropBox, OneDrive, GoogleDrive, Facebook,
Skype and Twitter.
Vulnerability of Android
There are an estimated 1.4 billion Android
devices in use today and Anvee Alderton,
TrendMicro’s Channel Manager, says:
“Attacks on Android devices made up 81%
of mobile attacks last year.” So, what is it
about Android that makes it an easy target
for attackers? Ian Jansen van Rensburg,
Senior Manager: Systems Engineering for
VMWare, explains that one such weakness
comes from Android being an open-source
operating system. This leads to an alarming
number of OS versions available which
makes it difficult to lock down and control
all the vulnerabilities that emerge from this.
Haber also points to the following reasons
for Android’s position as a target:
Screening – The Google Play Store is not
as secure as the Apple Store and does not
screen applications to the depth needed to
prevent malware.
Fragmentation – Each mobile device
vendor uses a stock version of Android
and modifies it to meet their unique
hardware and software requirements. This
introduces vulnerabilities that are only
remediated by the manufacturer, and not
Google. Therefore, it is up to each vendor
to create, deploy, and support updates.
This is compounded by support provided
by individual cellular carriers as well. This
decentralisation and lack of clear update
paths creates opportunities for threat
actors to attack individual (or broad
based) weaknesses.
Third party installation – Even though
Android has a feature to block third
party applications from being installed,
it can easily be turned off to install other
applications (outside of the Google Play
Store). This introduces a high risk of having a
malicious application loaded and forgetting
to reset the option. In comparison, side-
loading applications in Apple iOS is much
more complicated and not as easy to exploit.
Risks to your organisation
As personal devices are increasingly
being used in the workplace, a new era
www.intelligentcio.com