Mobile devices have become indispensable tools in the world of business; however, they are also a growing threat to enterprise security.
While smartphones, tablets and notebooks have boosted productivity and changed work patterns, at the same time they've become backdoors for malicious attacks. What's most alarming is that many organisations are unaware of the dangers they face.
Perhaps the biggest security risk created by mobile devices stems from the fact that many are used as access points into corporate data and applications. Staff use them for everything from placing client orders to running financial reports and database queries.
Increasingly the devices are also being used to access resources stored on cloud-based platforms. Anything from a hosted CRM system such as Salesforce.com to data held on AWS or Azure can be easily reached via a mobile device from almost any location.
The rising malware problem
While few organisations would ever issue staff with PCs lacking anti-malware tools, many are happy to do so when it comes to phones and tablets. The result is a fleet of devices that risk being compromised by a rising tide of threats.
In our latest Threat Index published in May, Check Point reported that 2000 unique malware families had been identified during April - a 50 per cent increase from the previous month. Interestingly, attacks targeting iOS-powered devices (Apple iPhones and iPads) have, for the first time, moved into the top three of the most common malware types found.
One example is malware called XcodeGhost, which is a compromised version of the iOS developer platform Xcode. This remains a threat to business mobile devices despite the fact that it was removed from Apple's App Store back in September 2015.
Android users are also very much in the firing line. Malware named HummingBad is in the top-ten threat list despite the fact it was only discovered by Check Point in February. This threat establishes a rootkit on infected devices, installs unauthorised applications, steals credentials and can bypass encrypted email containers used by many businesses.
Other malware threats identified in the research were the Conficker worm (responsible for 17 per cent of attacks), Sality (12 per cent) and Zeroaccess (6 per cent).
The challenge created by mobile device use in the workplace is exacerbated by the vulnerabilities that exist within their operating systems. The release of new OS generations means there are always multiple variants in use, making standard management difficult.
The problem is compounded by delays in the release of security patches. Patches can arrive weeks or even months after vulnerabilities are discovered, giving attackers plenty of time to exploit the opportunity.
Check Point has found Android to be particularly sluggish when it comes to patching security flaws. During the past six months, patches have been released between two and five months after vulnerabilities were disclosed. Further delays are often caused by device manufacturers: even when a security patch has been issued, they can delay its distribution to users.
For many years Apple's iOS platform was seen as a security safe haven; however, this has now changed. The number of iOS attacks doubled from 2014 to 2015 and the trend is showing no sign of slowing. Jailbreaks, which circumvent Apple’s entire security strategy, are also usually released shortly after any new version appears.
The user factor
As is the case with any security challenge, one of the biggest factors is the user. Malware creators can use techniques such as social engineering and disguise to trick users into installing compromised software.
In an increasing number of cases, attackers are repackaging well-known and popular apps. The fake copy of an app will appear almost identical but contain malicious code. This code may do anything from stealing personal details to attempting to gain access to secure corporate systems.
Businesses must educate their users on the potential for rogue apps and techniques for avoiding them. This, together with the use of sophisticated security tools, can help reduce the chance of attack.
A different approach to security
Across all mobile devices, cyber criminals are constantly looking for new vulnerabilities that they can use to gain access to corporate data and resources. Fresh attacks can appear very quickly, so it is vital for businesses to have in place a comprehensive security solution that can protect them from such activity.
The old strategies of securing core applications and data behind a firewall in an on-premises data centre are no longer sufficient. Instead, businesses must adopt the approach of advanced threat prevention, not just on their networks, but also on all endpoints and mobile devices.
A thorough mobile device security approach involves:
- Continuously monitoring devices to uncover vulnerabilities and suspicious behaviour
- Dealing with threats automatically by mitigating risk until they can be eliminated
- Providing visibility into mobile vulnerabilities to reduce the overall mobile attack surface
By adopting this approach, organisations can take advantage of the benefits delivered by mobile device usage while at the same time avoiding the potential security problems that such devices can create.