Mobile Device Security and Other Threats
Melissa M
Dr. Constance Blanson
Theories of Security Management
November 30, 2014
Analyze the emerging security threats presented within the “Security Threat Report 2014”
Security threats have not only grown and matured quickly, but the people behind these threats have become more creative in camouflaging their work. These criminals have become more adept at eluding their identification and are now relying on cryptography. Malware authors, as with users, are now focusing on mobile devices and web services.
Numerous threats were listed in the Security Threat Report 2014 such as botnets, android malware, attacks on Linux platforms and Mac OS X, web-based malware, targeted threats to your financial accounts, unpatched windows systems and re-invented spam. These items are detrimental to companies and users. The more complex these threats get, the harder it is to protect against them. I will analyze botnets and android malware in this section.
A botnet is a network of private computers infected with malicious software and controlled as a group without the owner’s knowledge. Criminals distribute malicious software that can turn your computer into a “bot”. When this occurs, your computer can perform automated tasked over the Internet without your knowledge. This type of malware is typically used to infect large numbers of computers. They are used to send out spam email messages, spread viruses, attack computers and servers, and commit others kinds of crime and fraud.
Botnets are now more resilient and integrating multiple backup forms of command and control. The operators are now faster and more effective at responding to countermeasures. The bad news is, users are becoming more resistant to fake alerts and antivirus scams, botnots are turning into ransomware instead. You are asked to pay money in order to restore access to your data. Right now, one of the most dangerous botnets out there is called Cryptolocker. This adds itself to the list of Windows programs that run in the startup, tracks down an infected server, uploads small a small ID file from your computer, retrieves a public key from that server and then encrypts all the data and image files it can find on your computer. The only way to retrieve your data is with the private key stored on the “bad guys” server.
Another threat that is growing is Android malware. This malware is very hard to detect and there is a steady growth in cybercriminals using them. Recent reports have found that there is now a large-scale Android botnet. This is controlling the devices the same way botnets have controlled PCs. Instead of emails as an example, it uses SMS messages. It can change and control premium SMS numbers, content and even affiliate schemes across its entire large network.
Analyze the major threats to mobile devices, and suggest at least two (2) methods to mitigate the concerns and make the devices more secure from an organizational standpoint. Justify your response. Two major threats to mobile devices are mobile phishing and using a nearby infected mobile device to infect others. Mobile phishing, just like PC scams, bad guys are using social engineering through mobile apps and SMS messages, which take advantage of human behavior and trust to gain access to data or infiltrate business, to make people click on links. Malware then ends up on that device. Using a nearby infected mobile device is another threat that is very easy to use. An infected mobile device allows you to breach and organization just by simply connecting to their wireless network. Once the infected device is on the network it can attack the devices on that same network. It is much easier than trying to figure out a way of breaking into the server. A few ways you can mitigate the concerns of mobile threats within your organization are to establish and enforce bring-your-own-device (BYOD) policies, inform your users about mobile risks and ensure your mobile security policies fit into your overall security framework. With BYOD policies, you need to ensure that employees using their own mobile devices are following policies that keep the business compliant with regulatory requirements. You also should inform all mobile users of the security threats. Most users are aware of PC viruses but some are not aware of the risks that are now being spread over mobile devices. Informing people of these risk will put them on guard when they see something pop up on their device. As far as security policies, there needs to be a balance between user freedom and manageability. Simply put, if the device does not comply with security policies it should not be allowed onto the network.
Determine whether or not you believe that the mobile device threats are the most critical and disturbing of all the security threats presented in the articles. Provide a rationale for your response. I do believe that the mobile device threats are the most critical and disturbing of all the security threats presented in the articles. The frightening part of these threats at this point is the lack of knowledge of these threats to the mobile device users. It is one thing to be cognizant of the fact that there are viruses out there, such as ones on PCs, and when you see something odd pop up, you are for the most part aware that it could be a virus. However, mobile devices users are not “up to speed” on the attacks taking place and because of the lack of that knowledge they are not protecting themselves from it. Right now, we are making it very easy for cybercriminals to attacks mobile devices. Most people have one or more mobile devices in their home and I am sure most of them are bringing them to work and connecting them to the networks of unassuming companies. There can be a real outbreak of these viruses if we do not inform the public of the attacks taking place.
Select one (1) security threat, unrelated to mobile devices, that you believe is the most alarming, and explain the main reason why you believe that the chosen threat warrants concern. Suggest key strategies for mitigating the risk. Justify your response. The one security threat that I believe is the most alarming is the attacks on the Mac OS X platform. These attacks, just as those the mobile devices, are relatively new and again the consumer is unaware. I work in a district that has used the Mac platform for years without any virus issues. This year, they are starting to trickle in and are created havoc because the teachers are unaware of them and are not sure how to respond to them. For example, I had one teacher get the ransomware on her machine. It directed her to call a number to retrieve her data. Sadly, she called the number. I naively think that people know about these types of things and would not react to the “ransom” but the truth is because they have used and known Macs for so long, this is all new to them and they are reacting to the attacks. This is just what the cybercriminal is hoping for. I think the key strategy for mitigating the risk is knowledge. In an environment such as a school district, an email needs to be disseminated letting the users know of these risks and what to do if they come across a threat. I also think that the IT department needs to update the policies and virus protecting to address these new and incoming attacks on the Mac platform. They have only just begun and will continue to grow. These threats are not going away.
References
Messmer, E. (2013, December 17). Advanced persistent threats now hitting mobile devices. Retrieved November 30, 2014, from http://www.networkworld.com/article/2173639/wireless/advanced-persistent-threats-now-hitting-mobile-devices.html
Poeter, D. (2011, July 26). Growing List of Security Threats to Mac OS X Lion. Retrieved November 30, 2014, from http://www.pcmag.com/article2/0,2817,2389207,00.asp
Fried, S. (2010). Mobile device security: A comprehensive guide to securing your information in a moving world. Boca Raton, FL: Auerbach Publications :. 