top 2016 mobile security threats and your employees
TRANSCRIPT
Top 2016 Mobile Security Threats and
Your EmployeesHOW YOUR EMPLOYEES EXPOSE YOU TO THE TOP MOBILE SECURITY THREATS OF
2016
Most people believe smartphones are secure when they buy them❖ 45% of people don’t buy security software for their
smartphones❖ They don’t even bother to use a simple password to secure
their phone❖ It only takes 30 seconds to hack into a smartphone❖ 78% of iOS and Android apps have been hacked❖ 50% of popular apps don’t defend against hackers
❖ And wiping them after they are lost doesn’t always keep data out of hackers’ hands
Over 4 million smartphones were lost in 2013 alone
Grayware and BloatwareThese are intrusive applications that have been known to:❖ Leak information❖ Change user bookmarks❖ Pester users to download other programs❖ Install ads for other programs on a user’s home screen❖ Sent SMS messages or communicate externally without the
user’s knowledgeMany smartphones that are preloaded with apps often contain grayware and bloatware.
Malvertising❖a term used to
describe ads that contain Trojans / other malicious software aimed at being embedded in one phone and then spreading.
❖Malvertising has become a popular way for hackers to infiltrate smartphones, putting your corporate network at risk.
Free Wi-FiImproper session
handling, unintended data leakage, poor
authorization and authentication, and lack of
binary protections are vulnerabilities that can often be exploited when using unsecured Wi-Fi
access
Employees as Internal threats❖ By the end of 2018, it is
expected that over 25% of corporate data will be transmitted between mobile devices and a cloud server while bypassing any perimeter security.
❖ Disgruntled employees have always been a threat to organizations and their intellectual data. Mobile devices offer the ability for individuals to bypass many standard security measures in their attempt to extricate and transmit company information.
Top 6 Mobile Threats
❖ Cross Device Transactions❖ Expanding Mobile Payment Options❖ Mobile Web Browser Hacking❖ Man-in-the-middle(MITM)Attacks❖ Distributed Denial of Service (DDoS)Attacks❖ Mobile Healthcare Information and Devices
Cross Device Transactions ❖ An individual may access
their work email, eBay account or mobile banking services from different devices, sometimes even on the same day.
❖ Mobile security for this type of access is often unsuccessful and leaves both the company and clients vulnerable to malicious attacks.
Expanding Mobile Payments▶NFC-based mobile
payments are vulnerable to bot attacks, malware, device spoofing, jailbroken devices or even rooting.▶Whether you offer
mobile payment options or your employees use them for their purchases, your company can be at risk as a result of this vulnerability.
Mobile Web Browser Hacking
❖ Webkit-based exploits coupled with OS/kernel-level exploits can bypass a browser sandbox and then leverage OS vulnerabilities.
❖ Stagefright has been giving Android and Android-based app programmers a run for their money as security experts try in vain to create effective security patches.
❖ This makes mobile web browser hacking most effective way to bypass smartphone system level security measures
Man-in-the-Middle-Attacks(MITM)❖ MITM attacks have also
increased as more people are using free Wi-Fi for tablets, smartphones and laptops.
❖Eavesdropping and hijacking are easier using these open Internet access points and if an employee is using them to access company data, the hacker will have an all access pass into your corporate network.
Distributed Denial of Service Attacks (DDoS)
❖ DDoS attacks have become more sophisticated as hackers learn new ways to leverage old school attacks.
❖ Malevolent programmers have learned how to turn devices into DDoS bots once the hacker has gained control of them.
❖ These DDoS bots are harder to detect or prevent compared to traditional attacks, making corporations vulnerable to a threat they aren’t aware exists.
Mobile Healthcare Information and DevicesYour Employees and Health Information❖ Mobile Healthcare Information
and devices have become more of a threat as the healthcare industry struggles to make devices more intelligent and data more accessible.
❖ Surveys show that 94% of healthcare organizations admit to a cyber-attack
❖ When your employees access their medical information from a hacked organization that health care system may be monitored by hackers and used to access the devices that connect to the system via an internet connection.
Do you want to learn more or find a solution ?You can learn more about how employees are a threat to your company’s mobile security by reading the full article here.
If you want to learn more about advanced mobile security threats and how to protect your organisation, click here , comment in the boxes below or email [email protected]