Mobile devices face an increasingly complex web of security challenges. Not only must they be protected against conventional threats, like viruses, but they must also be protected against more sophisticated attacks: zero-day attacks, man-in-the-middle attacks, malware injection via some apps, even advanced network attacks.
One recent attack helps illustrate how complex attempts to undermine mobile devices have become. The BlueBorne attack used known vulnerabilities in Bluetooth to push malware into smartphones. The attackers had figured out that most mobile device users leave Bluetooth on permanently – and had built the exploit to be invisible to the end user. The only solution to this vulnerability is to update the OS to benefit from security patches, but it is up to the hardware manufacturer to distribute the upgrades.
Application installs are another example of the modern mobile attack. Hackers are smart and can find ways to smuggle malware into apps you may download even from the most well-managed app stores. Even Apple’s App Store has fallen victim to such attacks – in 2015 cyber criminals figured out how to create a spoofed version of the iOS app development tool, Xcode, to inject malware into apps.
Hackers want to make money and are becoming increasingly professional as a result. This increasing professionalization means that there is a big market for hacks and equipment with which to create these attacks. You can buy software used to add malware to legitimate apps on the dark web for as little as $25. These money-minded attackers understand that mobile devices have become more powerful and are used in our daily work, meaning the data on those devices has real value.
Protecting against the many emerging forms of attack is challenging for anyone, but in a mobile situation it is compounded because enterprises cannot easily control the context in which those devices are used. It is impossible for most enterprises to identify, track and monitor all these emerging threats.
Mobile threat defense takes a preventive approach to mobile security and complements existing enterprise mobility management solutions.
Enterprise mobility management focuses on encryption, VPN, passcodes and device security, but it isn’t so good at identifying and protecting against active malware. While enterprise mobility management can tell you if a feature is active on a device, you need to be able to recognize if device behavior is suspicious or not.
Mobile threat defense solutions are typically managed services and focus on the new breed of attacks, such as network attacks, malicious and non-compliant apps, OS and app vulnerabilities and the challenge of jailbroken device security. By detecting suspicious device activity, they can identify when attempts are being made to subvert or exploit a device. That’s important as some of these exploits are so deep (BlueBorne, for example) that you wouldn’t even know an attack was taking place without the additional insight that mobile threat defense provides.
Security from the cloud
Of course, you don’t want to inhibit device performance or battery life by using these security protection systems. That’s one of the benefits of a cloud-based mobile threat defense security platform: users gain an additional security layer, but all the processor- and power-consuming tasks needed to achieve this take place in the cloud. Another advantage of this approach is that service providers offering mobile threat defense can provide security insights drawn from across their customer base – if one person suffers one form of malware exploit attempt in one country, they can very quickly protect against that exploit for all users.
The first thing is to know you are being attacked. If you do not have any means to detect such an attack, then it is difficult to realize an attack is underway. This kind of visibility is precisely what mobile threat defense is designed to deliver, across platforms and regardless of which carrier you use.
Mobile threat defense provides enterprises with effective protection across multiple platforms and devices, based on real-time insights and analysis of insecure device activities that could easily be missed. Because it is a cloud-based approach, it benefits from the wisdom of crowds. No enterprise user can easily achieve such situational awareness alone.
Want to learn more about mobile cyberattacks and how you can protect yourself? Join this free webinar from Orange and Check Point on 7 March.
Cyril is a security product manager at Orange Cyberdefense. He is responsible for digital identity, data protection and mobile security solutions, both in France and internationally. Previously Cyril was a security consultant with Solucom and software engineer at Cisco.