//////////////////////////////////////////////////////////////////////////
of cyber threats has been introduced to
the enterprise. Despite this, CIOs are not
adjusting their cybersecurity plans to
accommodate for the change. loss of business partners and new and
existing customers, disruption of business
operations, increased costs and financial loss
and litigation.
Before proactively protecting your
organisation from the risks of mobile
malware, it’s important to know what they
are; as with any cyber threat, awareness is
key for protection and prevention. It’s important to remain aware of the fact
that every time an employee connects a
personal device to the corporate network,
it presents a new and evolving challenge
for the IT team managing these devices.
These devices are not immune to the
realities of mobile malware infections
and most will carry business critical or
sensitive information. Badenhorst reminds
CIOs that as these devices become part
of the company infrastructure, they
present a potential entry point of choice
for attackers to infiltrate the business, its
servers and the opportunity to gain access
to critical information.
At device level, Riaan Badenhorst, General
Manager at Kaspersky Lab, explains that
as a result of a malware virus, users may
notice the device slowing down, the
presence of pop-ups, unwanted adverts,
redirection to suspicious websites with
harmful intent and in some cases the device
can stop working completely.
BeyondTrust’s Haber claims malware on
Android devices essentially becomes a ‘spy’
for threat actors, allowing them the ability
for keystroke logging and screen capturing.
These surveillance techniques can allow
attackers access to confidential passwords,
sensitive data and insider company intel.
At enterprise level, Jansen van Rensburg lists
the risks of mobile malware as: bad publicity,
www.intelligentcio.com
FEATURE: MOBILE MALWARE
Morton presents the following example to
demonstrate how easy it can be for exploits
to bypass your firewall using mobile devices
as an entry point: “Let us use a corporate
SharePoint as an example. SharePoint can
be accessed on a laptop, but application
developers have now also created an iOS and
Android application. So, this gives employees
access to the corporate SharePoint server
behind your firewall. What can go wrong?
“The risk lies with the end user downloading
the SharePoint application. Instead of
using the Google Play store, the application
now gets downloaded from a third party
site. Although this application looks and
feels like the real SharePoint application,
exploits might have been built in to capture
corporate information, or to imbed malicious
content on a document that now sits behind
your firewall, on the corporate network.”
ATTACKS ON ANDROID DEVICES
MADE UP 81% OF MOBILE ATTACKS
LAST YEAR.
INTELLIGENTCIO
59