Page 16 - Cyber Warnings - November 2015
P. 16
3 Ways Mobile Devices Silently Enable Data Breach, and What
You Can Do About It
By Domingo Guerra, President & Co-Founder of Appthority
The use of mobile devices is continuing to infiltrate the workplace. But while enterprises continue to
adopt mobile strategies and processes, mobile security is still widely seen as a low-tier concern.
The reality is, hackers find and exploit enterprises’ weakest link – its people. Whether they realize it
or not, employees who open a malignant attachment, or whose systems get infected while working
outside the company firewall, are the Achilles heel of cybersecurity and the primary target for
hackers and cyber-attacks.
The key to effective attacks is knowing enough about the potential victim in order to craft the exploit.
The standard approach for an attacker is to troll publicly available sources, social networks,
conference proceedings, company web sites, and other sources as part of the reconnaissance
phase in preparation for launching an attack. This approach to reconnaissance is inherently
unscalable as the necessary information required to craft say a spear phishing email may not be
available, or may require time-consuming research. Until now.
While enterprises have been focused on preventing and detecting hacks, mobile devices have
silently enabled the leaking of critical privacy data. The explosive growth of mobile devices in the
workplace has created a multiplier effect for the amount of data available for attack reconnaissance,
creating three key mobile attack vectors to the enterprise: 1) Spear Phishing, 2) Watering Hole, and
3) Zombie Applications.
How does it work? Simple. Employee apps on mobile devices introduce unknown risks to the
enterprise for which they work. Apps broadcast personal information to the outside world without the
knowledge or permission of the enterprise. With such information, an attacker can learn enough
about an employee or contractor to effectively target their exploit.
Instead of the sketchy and unreliable information that can be gleaned manually through traditional
sources, attackers now only need to access exposed privacy information from risky apps—and by
doing so the attack has a much better chance of succeeding.
1. Spear Phishing Attacks – or how to quality spoof an email
A risky behavior found in mobile apps is the reporting of contacts and calendar info to analytic
frameworks and ad networks. Here’s how it works: by gaining access to calendar data and meeting
information, the attacker can determine other attendees and their emails.
This is then used to devise a malware-laden attachment or email, referencing specific meetings,
employees or other relevant and believable information. The email sender is spoofed so as to
appear to come from a trusted meeting attendee and once the attachment is opened by the
unsuspecting employee, the initial stage of the breach has begun.
16 Cyber Warnings E-Magazine – November 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide