Latest Threats Against Mobile Devices Dave Jevans Founder, Chairman and CTO.

1 Latest Threats Against Mobile Devices
Dave Jevans, Founder, Chairman and CTO

2 CyberCrime: Threats Against Mobile Devices
October 2012
“User-owned computers and smart phones are more than twice as likely to be infected with malware”

3 Advanced Persistent Threats
- APTs typically involve compromises of users’ devices or credentials
- 45% of enterprises see increase in spear phishing attacks targeting employees

4 9 Critical Threats Against Mobile Workers
1. Malware, Trojans, Zero-day Attacks
2. Key loggers
3. Compromised Wi-Fi Hotspots
4. Poisoned DNS
5. Malicious & Privacy Leaking Apps
6. Jail-broken & Rooted Devices
7. Un-patched OS Versions
8. Spear Phishing
9. Advanced Persistent Threats

5 Bring Your Own Device = New Threats
- Multiple users per device, with many apps and websites visited
- Users connect to 10+ networks a month
- Attacks against end-users give access to corporate networks, data, and cloud services
- Cyber-criminals know this

7 Phishing Continues To Explode
- Phishing and Spear-Phishing Are At Record Levels

8 Spear-Phishing
- Spear-phishing is the #1 way that APTs are instigated
- Use DNS blacklisting to prevent access to phishing sites

11 Email Service Providers Are An Important Attack Vector

12 RSA Security breached
- Targeted spear phishing infected several employees’ computers
- Seeds and serial numbers for tens of millions of SecurID tokens stolen
- Key customers attacked after this

15 Android Fragmentation

16 Exponential Growth in Mobile Malware
Source: Kaspersky Labs, March 2013

17
- Sites infected with bad iFrame
- Checks User-Agent
- Update.apk sent to browser
- Installed if device allows apps from unknown sources
- com.Security.Update

18 Hacked Apps Posted to Markets

19 Example: Fake Instagram

20 Example: Fake Authentication Apps

21 Example: Battery Monitor Trojan

22 Compromised WiFi Hotspots
- WiFi hotspots can intercept and redirect traffic
- Evil-Twin attacks, DNS attacks, network snooping, session hijacking & sidejacking
- You need a VPN service for all users, on every WiFi

23 Sidejacking on Public WiFi

24 Poisoned DNS
- DNS poisoning takes remote employees to criminal sites
- Can be poisoned upstream at the ISP, not just at the WiFi hotspot
- Apps are particularly vulnerable due to poor implementations of certificate validation

25 DNS attacks recently reported

26 Privacy Leaking Apps
- Legitimate apps may upload your corporate directory to a service in the cloud
- That service may be hacked or resold, exposing all of your employees to spear-phishing attacks
- You should deploy a cloud service to scan and analyze apps for malicious behavior and privacy violations

27 Jail-broken & Rooted Devices
- You should prevent access from jail-broken iPhones and rooted Android devices
- Jail-broken/rooted devices have almost zero security protections

28 Unpatched OS Versions
- Unpatched OS and plug-ins are the main attack vector of criminals against your users

29 Live Example
- This example is a live example of taking over the iTunes app on an iPad
- Click twice and enter your device password. You’re owned.

30 Phishing or Spear-Phishing Lure

31 iOS Allows Unsigned and Unverified Profiles

32 Click “Install Now”

33 Enter Your Device Password (if you have set one)

34 iTunes App Removed, Fake iTunes Installed

35 Use Fake iTunes To Steal Passwords, etc

36 Things That A Profile Can Change
- Safari security settings can be disabled
- JavaScript settings
- Local app settings
- Allow untrusted TLS connections
- Device settings
- Install X.509 certificates

37 Even Worse: Hostile MDM Profile
Expands the scope of malicious capabilities to include
‒ App replacement and installation
‒ OS replacement
‒ Delete data
‒ Route all traffic to Man-In-The-Middle sites
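
A defensive check for the profile capabilities listed on slides 36 and 37, as an added example that is not part of the original presentation: it parses a .mobileconfig file with Python's plistlib and lists the payloads that install root certificates, enroll the device in MDM, reroute traffic, or change Safari and TLS settings. The sample profile is constructed, and the review rules (the RISKY_TYPES table and the Safari key prefix) are assumptions chosen for illustration.

```python
import plistlib

# Payload types from Apple's configuration profile format, mapped to the
# capability each grants. Which ones count as "risky" is this example's choice.
RISKY_TYPES = {
    "com.apple.security.root": "installs a trusted root X.509 certificate",
    "com.apple.mdm": "enrolls the device with an MDM server",
    "com.apple.proxy.http.global": "routes HTTP traffic through a proxy",
    "com.apple.vpn.managed": "routes traffic through a VPN",
}

def audit_profile(data: bytes) -> list[str]:
    """Return review findings for the raw bytes of one .mobileconfig file."""
    if data[:1] == b"\x30":
        # DER SEQUENCE tag: a CMS-signed profile. Checking the signer needs a
        # CMS library, which this example leaves out.
        return ["signed container: verify the signer, then audit the inner plist"]
    profile = plistlib.loads(data)
    findings = ["unsigned profile (plain plist, no CMS signature)"]
    for payload in profile.get("PayloadContent", []):
        ptype = payload.get("PayloadType", "")
        if ptype in RISKY_TYPES:
            findings.append(f"{ptype}: {RISKY_TYPES[ptype]}")
        elif ptype == "com.apple.applicationaccess":  # Restrictions payload
            for key, value in sorted(payload.items()):
                if key.startswith("safari") or key == "allowUntrustedTLSPrompt":
                    findings.append(f"{ptype}: sets {key}={value}")
    return findings

def sample_profile() -> bytes:
    """Constructed sample profile; every value here is made up."""
    return plistlib.dumps({
        "PayloadType": "Configuration",
        "PayloadIdentifier": "example.invalid.profile",
        "PayloadDisplayName": "Constructed sample",
        "PayloadContent": [
            {"PayloadType": "com.apple.security.root",
             "PayloadContent": b"placeholder-not-a-real-certificate"},
            {"PayloadType": "com.apple.applicationaccess",
             "safariForceFraudWarning": False,
             "allowUntrustedTLSPrompt": True},
            {"PayloadType": "com.apple.mdm",
             "ServerURL": "https://mdm.example.invalid/checkin"},
        ],
    })

if __name__ == "__main__":
    for finding in audit_profile(sample_profile()):
        print(finding)
```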

38 Architecture
[Diagram. Labels: App Feeds; Network Feeds; Marble App Reputation Database; Marble App Analysis; Download App; Prioritize App; Analyze and add to database; Instrumented Marble Access; Networks; WiFis; DNS reports; App reports; Device fingerprints; Marble Threat Database; Marble Threat Reports; Policies & Data; Threat Detection; Marble Control; Marble Access; Marble Threat Lab (Propose or discover threat; Design PoC; Implement and test PoC; Create Remediation or Detection in our Product; Monitor for threat)]

39 App Analysis Architecture
[Diagram. Labels: 3rd Party Feeds; Download App (Download from various app stores & sideloading sites); Prioritize App (Rate by newness, behaviour, publisher, spread rates); Analyze and add to database (Use Android Grinder and other tools for analysis); Marble App Reputation DB; Rate High Priority App; Download from client or app store; Analyze automatically and possibly manually; Incident Response & Analysts Team]

40 Marble’s Dynamic App Security Architecture
[Diagram. Labels: Google Play; Apple App Store; Other App Stores; Marble Access Mobile Device Client; User Interface; Alerts & Reports; Analytics Engine; Rules; Controller/Scheduler; App Crawler; Risk Engine; Correlation Engine; Marble Security Lab; Jammer; Scanner; Database; Real-time user interface simulation; DNS lookups, network threat correlation engine; Network Information; Network Threat Database; Data Feeds; Stored Apps; Customer’s Security Admin; Marble Security Analysts; Marble Control Service; App Queue; Analyzer; Dynamic App Analysis Engine]
