Protecting Android Mobile Devices from Known Threats




Android OS: A Popular Target for Hacks

White Paper
Zero Trust Mobile Security
An Introduction to the BETTER Mobile Security Platform

BETTER at work.

Contact us
BETTER Mobile Security, 110 Fifth Avenue, New York, NY 10023
+1 877-710-5636
info@better.mobi
www.better.mobi

In the tech industry, it's a truism that hackers focus their attention on afflicting the largest number of targets possible, resulting in a perception that market giants are riddled with vulnerabilities. Google's Android operating system is just such a target. According to an IDC study, Android possesses an 81.1% share of the smartphone market. Numbers that high are irresistible to hackers, which is why Android devices need to be protected from unauthorized access. Add to the equation that the Android operating system has been implemented on many disparate devices designed by myriad vendors. This distributed implementation scenario has fragmented Android's native security model, which has resulted in a variety of openings that cyber attackers can exploit.

Common Android Vulnerabilities

Once an attacker gains access to a device's operating system, they can gain elevated privileges to monitor user activity, thereby putting personal data and security at risk. They can also execute malicious code and run unwanted programs to bend the device to their will. All of this can be done without the user suspecting that their device has been infected. Here are some of the most common Android vulnerabilities that malicious programmers seek to exploit. It should be noted that many of these vulnerabilities are inherent to mobile and Wi-Fi devices in general, and do not necessarily reflect a flaw in Android's design and implementation.

All trademarks and registered trademarks contained herein are property of their respective holders. Rather than identifying a trademark by symbol with every occurrence, names and logos are used in an editorial fashion, with no intention of infringement of the respective owner's property.

Executive Summary

The increasing threats to mobile security.

The cumulative number of mobile threats is expected to double from the previous year, reaching over 8 million spread across devices and applications [1]. While analysts have identified the need for real-time, self-aware and self-protecting endpoints, MDM/EMM and MAM solutions that do not address real-time threats still dominate the market.

According to cyber security research, the vulnerabilities in mobile devices and apps will become even greater risks in 2015 [1].

A zero trust approach for protecting today's mobile user.

Zero trust is an approach to security that follows the mantra of "never trust, always verify." It views every entity, including networks and apps, as hostile and assumes that a breach is inevitable. Operating from that perspective sets a mandate for a more complete security solution, as opposed to traditional perimeter-based approaches. When applied to mobile security, a zero trust approach continuously monitors and verifies exactly what is happening on the network, the mobile device itself, and the apps installed on the device, and actively detects and prevents threats in real time. In order for a zero trust mobile security solution to be effective, it has to operate based on the following principles:

You cannot trust the network
You cannot trust the device
You cannot trust the apps
You cannot trust the user

In this white paper, the following will be covered:

The current mobile threat landscape and how there is an immediate need for a zero trust mobile security solution
An explanation of zero trust
How to apply a zero trust model to mobile security
How a zero trust solution for mobile devices needs to operate under the principles of secure and verify
How BETTER Mobile Security provides the only comprehensive zero trust mobile security solution that is able to secure and verify mobile devices, apps, users and the network in real time

BETTER's zero trust mobile security solution operates under the assumption that an attack on a mobile device will happen, and that the network, device, apps, and user can be hostile. Our solution provides both the security to prevent such attacks and the measures necessary to protect if a breach should occur.

The Mobile Threat Landscape

Attacks on mobile devices are rapidly evolving.

Forrester Research reported that over 61% of enterprises stated that app security is their greatest mobile security challenge.

The mobile threat landscape is changing rapidly. Mobile attackers are taking traditional methods from the wired world and adapting them to the mobile one, as well as coming up with new, never-before-seen tactics that take advantage of the new avenues mobile devices offer into an organization's network. Mobile devices are constantly switched on and they bounce from one connection to another, giving a hacker multiple attempts to gain access to a device.

A new end-point of corporate risk.

Kaspersky Labs reported that attacks on mobile devices have increased by over 400% in the last year.

Mobile threats can wreak havoc on both mobile devices and the corporate network. Once a trusted device has been compromised, an attacker may have privileged access to the corporate network. Depending on the type of attack, they will be able to decrypt secure communications, intercept traffic to and from the device, install apps or keyloggers, take screen captures, and access any information stored on the device or within apps, including passwords, email, and text messages. Attackers can go as far as giving themselves root privileges, jailbreaking the device, or leveraging the device as part of a mobile botnet to mount DDoS attacks.

Connected by design, vulnerable as a result.

Mobile devices connect to upwards of 10x more networks than other end-point devices.

Our research indicates that mobile devices connect to upwards of ten times more networks than other end-points. The tools required to intercept, modify, and push network data are relatively inexpensive and readily available, and their uses are becoming more sophisticated and nefarious. Man-in-the-Middle (MitM) attacks can perform active eavesdropping, and intercept and alter traffic between a mobile device and a remote server. The user believes they are interacting with a known and trusted entity but, in fact, they are being rerouted through an attacker-controlled device. Once connected to the attacker's device, all communication going to and from the victim's mobile device is seen by the attacker, regardless of encryption such as SSL.

Malicious apps and their means of entry.

Malicious apps can come from anywhere and wreak all kinds of havoc. With no means of protection, the recommendation to users has always been to not download apps from unknown sources. This is not a viable approach, because it requires device users to know what is a trusted source and what is not. Another problem with this approach is that today's attackers are adept at convincing users to trust that an app is genuine and beneficial to their needs. Malicious apps can steal passwords, email, text messages and corporate data. They can also log keystrokes and screen scrape. Malicious apps can even be side-loaded onto an iOS device through the use of stolen or illegally acquired enterprise or developer certificates. This gives the attacker the ability to gain access to encrypted data, bypass VPN tunneling, and break the OS sandbox, providing access to containerized apps. This access enables the attacker to view the contents of secure containers and wrapped apps, thus nullifying those attempts to protect sensitive data. The introduction of WireLurker and Masque attacks formally marked the beginning of a new era of iOS vulnerability. Today's malicious apps appear and behave just like the authentic versions.

WireLurker: the advent of iOS threats.

An iOS malware example, named WireLurker, uses a stolen enterprise certificate and a vulnerability in how the trust of the bundle identifier works to install a malicious app onto a mobile device. WireLurker was first brought to light by Palo Alto Networks [2]. It bypasses the security features on iOS devices and installs malicious apps onto them, without the need to first jailbreak the device. The WireLurker Trojan installs itself on an OS X machine, rooting itself into the operating system, and then waits until an iOS device connects to the computer. It then abuses the trusted pairing relationship between the devices to read the mobile device's serial number, phone number, iTunes store identifier, plus a host of other sensitive information. This data is all sent to the attacker's remote server. It then installs a series of malicious, though benign-looking, apps onto the mobile device. The WireLurker threat shows how vulnerable iOS devices are to attacks and that the path to infection can come from anywhere.

Masque attacks: appearances can be deceiving.

BYOD Explosion: Gartner has stated that the number of employee-owned devices used for work will be greater than corporate-owned by 2018.

Masque attacks get users to install malicious apps on their devices through refined social engineering techniques such as phishing emails or messages from trusted sources. These apps take the form of updates to existing apps and are therefore not detectable by traditional MDM and EMM solutions. Once on the device, they have access to all data stored within the app. Since these apps are by all appearances genuine and have the same bundle ID, they go undetected by MDM and EMM solutions, so it is virtually impossible to know if your data has been compromised.

What can be done to protect my mobile device?

Today, MDM/EMM mobile security solutions offer little to no protection against these attacks. Hackers play a numbers game with the general public, since all they need is for just one person to slip up one time to gain access to a corporate network. These attacks happen fast, compromising devices, apps, or communications in the blink of an eye, without being detected. To fully secure mobile devices from threats, the network, users, apps and the device itself all need to be viewed as potentially hostile. The solution must operate on the assumption that eventually the device will get into the wrong hands, apps will be compromised, and communications will be intercepted.

The new generation of iOS and Android advanced threats has demonstrated that mobile device management is not the same as mobile device security.

BETTER Mobile Security provides enterprises with the only comprehensive zero trust mobile security platform on the market. With a "trust no one, verify everything" approach as our focus, BETTER is able to provide complete protection for mobile devices in real time. Our solution is end-point based, residing on the device itself, and continuously monitors the device, apps and connections for any behavioral abnormalities. When coupled with the BETTER App Shield, the resulting solution has the ability to provide comprehensive real-time threat detection and prevention. It is this "trust no one, verify everything" approach that makes BETTER's mobile security solution truly complete.

In order for enterprises to fully protect iOS and Android devices, they must adopt a zero trust approach to mobile security.
BETTER Active Shield Mobile Security Requirements - Comparison Chart (iOS)

Solutions compared: MDM/EMM, Mobile AV, Container, Wrapper, BETTER

Requirements compared:
Can Detect Zero-Day Malicious Apps
Can Detect Known/Signature Malicious Apps
Can Detect Exploits
Can Detect MitM Attacks
Can Detect Malicious Profiles
Can Detect Threats in Real-Time
Can Detect Unknown Threats
Real-time Device Monitoring
Continuously Monitors Apps
Continuously Monitors Network
Can Prevent Threats in Real-Time
Can Prevent Unknown Threats
Provides Device Visibility
Provides Device Controls
Secures Mobile Devices
Secures Mobile Apps
Segregates Data
Can Detect a Jailbroken Device *
Prevents Lateral Movement of Data
Operates Under Zero Trust

* During enrollment and intermittently.

BETTER Zero Trust Mobile Security Solution

The comprehensive mobile security platform for enterprise.

According to the 2014 Cyber Threat Defense Report, more than 60% of organizations fell victim to one or more successful cyberattacks in 2013.

When it comes to protecting iOS and Android mobile devices, 99% secure is the same as 100% vulnerable. BETTER provides enterprises with comprehensive zero trust mobile endpoint visibility, security, and control, with real-time, self-protecting advanced mobile threat detection and prevention that follows the tenet of secure and verify. With BETTER, CSOs and Security Administrators gain mobile application visibility and risk-based intelligence and can add security controls to any app outside of an MDM container to satisfy existing security infrastructure requirements. BETTER does this quickly and seamlessly without coding or wrapping.

BETTER promotes trust in BYOD deployments. Employees can use their own mobile devices for business anytime and anywhere in a fully secure way while protecting their personal privacy and without limiting their freedom of use or control of their own device.

BETTER's zero trust solution provides self-protecting advanced mobile threat detection and prevention, protecting all of the data on the device at all times. From simple security to complete lockdown, BETTER can secure any iOS or Android device and verify that it is safe when it matters, before and after an attack occurs.

BETTER enables mobile employees to harness the full power of corporate mobility while providing enterprise with complete administrator visibility, risk-based mobile app intelligence, third party app security, and real-time, self-protecting advanced mobile threat detection and prevention.

BETTER's Advanced Mobile Threat Detection and Prevention Solution provides iOS and Android devices with a real-time, self-protecting solution against advanced mobile threats and targeted attacks. Only BETTER can identify suspicious activity and secure devices from Man-in-the-Middle attacks, malicious apps, and any other mobile security threats, known and unknown.

BETTER Mobile Security Architecture

BETTER's app virtualization secures any mobile app without making security and usability tradeoffs. BETTER is the only solution that does not modify iOS and Android apps with app-wrapping or require the use of an SDK, and adds the zero trust framework of network security, app security and device integrity.

BETTER's app virtualization technology for iOS and Android is key to BYOD security because it respects user privacy and choice, limiting IT visibility and control to the enterprise container and giving workers a native user experience on their personal device of choice. Network threats of man-in-the-middle attacks and malware are eliminated because BETTER prevents personal apps from accessing enterprise resources.

Figure: Zero Trust Mobile Security. The primary objective is to minimize the attack surface, so when a breach occurs the damage is negligible. Diagram labels: Network Security; App Analysis & Testing; Device Integrity; App Virtualization; Adaptive Virtual App Perimeter; App; Original App in its Sandbox.

BETTER Product Modules

The BETTER Mobile Security Platform includes four product modules.

BETTER Mobile App Analyzer

The Mobile App Analyzer includes a backend service that automatically conducts a complete analysis of any third party or homegrown app. Within minutes, the Mobile App Analyzer generates a risk-based assessment of all behaviors and vulnerabilities for security administrator evaluation prior to deployment. The Mobile App Analyzer also adds real-time security, with continuous device-based verification of the app's authenticity prior to launching, and continuous analysis of the app's behaviors while in use.

BETTER Mobile AppShield

The Mobile AppShield turns any mobile app into a self-aware and self-protecting app, including all homegrown and third party apps, without wrapping or coding. This includes adding enterprise security controls as well as device usage controls.

BETTER Mobile Device Configuration Control

The Mobile Device Configuration Control is part of BETTER's device-based agent and provides security administrators with the ability to determine, set and enforce policy on any mobile device, including which native and third party applications can be used and if settings may be changed, timefencing, geofencing and more. It also provides real-time visibility of attempts to use unauthorized apps, change settings, or make baseline deviations, as well as of advanced mobile threats and targeted attacks.

BETTER Threat Detection and Prevention

Our Threat Detection and Prevention module instantly detects and prevents any advanced mobile threat, targeted attack or other hostile behavior on the device as it occurs in real time. BETTER also provides security administrators with real-time alerts of targeted attacks, suspicious device behaviors and baseline deviations, giving them a clear overview of the situation and providing them with the ability to take immediate and appropriate action. In addition, BETTER provides the user with the simple steps for full remediation, so they can quickly return to business as usual.

References

1. The Invisible Becomes Visible: Trend Micro Security Predictions for 2015 and Beyond.