three steps to combat mobile malware
DESCRIPTION
As mobile devices become more common, cybercriminals see them as having huge profit potential, and aim to gain access to a users confidential personal and financial information. Mobile applications are the primary way users access information via mobile devices, and as a result the majority of mobile malware is embedded in applications that once downloaded on the device can gain access to this valuable information. But creating policies and understanding the risk of mobile malware, can often be easier said than done. Join Saj Sahay, Senior Product Marketing Director at Rapid7 for an interactive webcast where Saj discusses the mobile malware landscape and how organizations can limit their risk. To download a free Mobilsafe demo, click here: http://information.rapid7.com/mobilisafe-demo.html?LS=1428723&CS=WebTRANSCRIPT
Three Steps To Combat
Mobile Malware
Sajal Sahay
Senior Director Product Marketing, Mobilisafe
2
Saj Sahay Sr. Director of Product Marketing,
Rapid7
Presenters
Short for “Malicious Software”, there are
multiple types of malware
• Software that can disrupt device operations, gather
sensitive information or gain undue access to the
device
BYOD explosion is the malware growth story
• Attackers adapting and quickly moving to mobile
• Mostly embedded in apps as they are the primary way
users access information on mobile devices
What Is Malware?
3
Key Types Of Mobile Malware
4
Trojans
• Once installed provide access to the device for the
person who originated the program
• Usually in untrustworthy applications in 3rd party app
stores
• Can exfiltrate information and lead to significant
financial and organizational harm
RootKits
• Activate every time your system boots up
• Can be very difficult to detect
• Can allow the installation of hidden files, hidden
user accounts etc.
Why Is Mobile Malware Growing?
5
Cybercriminals see a rich target given that mobile devices usually have a lot
of personal & financial information on them
Spam/Phishing was very successful on desktops, and attackers feel that end
users are susceptible to the same failings on mobile devices
Most popular apps are from lesser known companies so it’s difficult for
consumers to know which ones to trust
The Growth Is Astounding!*
6
123% growth in malware discoveries in ’12
vs. ‘11
95% of infections on Android given diversity
of OS versions still being used
Common ways to exploit the OS were
through application repackaging, malicious
URLs & SMS phishing
Total of 32.8 million Android devices
infected in ‘12, a 200% growth from ’11 * From NQ Mobile’s Yr 2012 Mobile Security Report
So, What Can You Do?
7
Every company should have
written mobile usage policies for
their employees!
• Make sure they are easy to understand
• Make sure that all employees go through
the necessary training for successful
company-wide implementation
Include the following three
malware focused policies in your
company’s written document
Malware Focused Policy #1 Employees Should Only Download Applications From Trusted Sources
8
Google Play (Android) and the iOS App
Store (iOS) are administered by Google &
Apple
• Strict requirements for applications submitted for
inclusion
• Utilize sophisticated filtering mechanisms to discover
and remove apps that may contain malware
Apps should not be downloaded from
untrustworthy 3rd party app stores
9
Malware Focused Policy #2 Employees Should Always Update Their Mobile Devices To The Latest Firmware
Extend the same patch requirements
for your corporate network to mobile
Updating firmware is the best way to
patch vulnerabilities on mobile
devices
10
Mobile Malware Example: DroidKungFu
This type of malware can be
considered both a Trojan and a
Rootkit
• Unique because it can avoid detection by anti
malware software
• Works by installing a backdoor in the Android
OS
• Gives the attacker full control of the user’s
mobile device
• Mainly affects devices running Android 2.2,
exploiting two vulnerabilities in the OS version
Malware Focused Policy #3 Employees Shouldn’t Click Unfamiliar Links Sent Via SMS Or E-mail
11
Employees should be very careful
when receiving an SMS or email
containing a link
If the URL of the link seems
suspicious they should not click
the link
Inform the Security Department
instead to investigate the URL
Mobile Malware Example: Zitmo (Zeus in the Mobile)
12
A Trojan that can forward SMS’s with
confidential information from the
device to other phone numbers
• Can steal a user’s username and password
• A SMS is sent with a link to update the ‘security
certificate’, while it actually directs the user to
install Zitmo
• Once the installation is completed and info is
received, attackers usually log-into user’s
confidential sites like bank accounts to initiate
unauthorized transactions
1. Employees Should Only Download Applications From Trusted Sources
2. Employees Should Always Update Their Mobile Devices To The Latest
Firmware
3. Employees Shouldn’t Click Unfamiliar Links Sent Via SMS Or E-mail
13
Summary - Three Steps To Combat Mobile Malware
Try Moblisafe for yourself - http://information.rapid7.com/mobilisafe-
demo.html
14
Thank you!