Mobile device security: A new frontier for hackers

Cloud Services Brokerage: Adding Trust and Oversight to Complex Cloud Deals

By G C Network | September 15, 2014

According to the Gartner IT Glossary, “Cloud services brokerage (CSB) is an IT role and business model in which a company or other entity adds value to one or more…

Learn Hadoop and Big Data in 7 Minute Flat!

By G C Network | September 13, 2014

How do I install Hadoop, and on what platforms? What are the differences between versions of Hadoop? How do I Extract, Transform and Load in Hadoop? The answers to these…

Tech Equity & GovCloud Network Team For Cloud Education

By G C Network | August 25, 2014

GovCloud Network is proud to announce that we have teamed with Tech Equity Ltd to deliver cloud education and training on a global basis. With this partnership, GovCloud Network will…

National Cybersecurity = Cloud Computing Security

By G C Network | August 13, 2014

A recent article Inc.com article claimed that the percentage of U.S. small businesses using cloud computing is expected to more than double during the next six years, from 37 percent…

Vets 360 Sponsoring Service Members To Attend Gartner Catalyst Conference

By G C Network | August 5, 2014

Veterans 360 will be attending the Gartner Catalyst Conference. They are also sponsoring the attendance of active duty service members that are currently in the US military and serving in…

ERPGovCloud: Your Path to DCAA Compliance

By G C Network | July 28, 2014

So you won your first Government Contract… Congratulations!  Among the new issues you will need to consider, your accounting systems, both practices and technology, will need to pass muster with…

GovCloud Media Network Feature: Army IT Playlist

By G C Network | July 17, 2014

The GovCloud Media Network features agency specific video playlist for registered members. Please enjoy this feature on the Army IT. Please visit the new GovCloud Network Media Library for more…

Security & Defense People Launches – Use “GovCloud” for 50% Discount

By G C Network | June 28, 2014

This is quite an unusual post for me but I would like to congratulate GovCloud Network partner SDP Networks on their launch of the Security & Defense People website! Security…

The Cloud Credential Council releases Executive FedRAMP certification course with leading government cloud expert Kevin L. Jackson.

By G C Network | June 23, 2014

Palo Alto, USA – June 23rd, 2014 – Addressing the global cloud skills gap is the number one priority to help accelerate the successful adoption of Cloud, according to the Cloud…

Learning Tree’s Expert Cloud Instructor Kevin Jackson Announces Multiple Speaking Engagements

By G C Network | June 22, 2014

(Reposted from LearningTree’s “Perspectives on Cloud Computing” at https://cloud-computing.learningtree.com/2014/06/12/expert-learning-tree-cloud-instructor-kevin-jackson-announces-multiple-speaking-engagements ) Kevin Jackson, a certified Learning Tree cloud computing instructor and Learning Tree Cloud Computing Curriculum Initiative Manager, is set to…

Recent security breaches have heightened our awareness of cybersecurity issues. The hack and other security breaches have resulted in unprecedented damages. However, the majority of mobile device users have yet to be sensitized to their personal and corporate security risks.
Staples
For example, a security study found that 69 percent of users store sensitive personal information on their mobile devices.  Examples include banking information, confidential work-related items and provocative videos and photos. In addition, 51 percent of mobile device consumers share usernames and passwords with family, friends and colleagues. This in spite of the fact that 80 percent of such devices are unprotected by security software. 
While mobile device security attacks are relatively small, they are the new frontier for hackers.  Listed below are highlights from several mobile device surveys:

  • The four top threats to mobile devices include: 1) lost and stolen phones; 2) insecure communications; 3) leveraging less-secure, third-party app stores; and 4) vulnerable development frameworks.
  • One in 10 U.S. smartphone owners are victims of phone theft.
  • Mobile malware attacks are increasing, with 2014 exhibiting a 75 percent increase in Android malware attacks on devices.
  • The use of mobile devices to access enterprise resources introduces significant security risks.

Cyberattackers are typically attempting to obtain access to sensitive or personal data, and then use it to access financial accounts. Some methodologies used include social engineering, distributing and executing malware, and accessing data through public Wi-Fi networks.
A recent survey found that phishing and scams for winning free stuff were the most popular SMS attacks. Unsolicited SMS messages attempted to trick users into providing detailed, sensitive information about their financial accounts at major banks. The mobile malware StealthGenie secretly monitors calls, texts and videos on mobile phones. Bitdefender has been able to break the secure communications between a Samsung watch and an Android device with ease, using brute force sniffing tools. (See “5 New Threats to Your Mobile Device Security” for more information.)
These are a sampling of the numerous cybercriminal methodologies for accessing user finances and data. Listed below are some user actions for reducing or minimizing a successful attack:

  • Always enable password or PIN protection on your device.
  • Run scans using a respected security and malware program on a regular basis (see the best antivirus software for Android devices).
  • Subscribe to managed mobile device services such as anti-malware and mobile device locator services; also lock the device and wipe all data in the event of device theft.
  • Encrypt mobile device data.
  • Install/run the latest versions of your device OS and all mobile apps.
  • Upgrade to the most recent firmware for your mobile device.
  • Do not access secure or highly sensitive information while using public Wi-Fi networks.
  • Avoid clicking on ads on your mobile devices.
  • Do not configure phones to allow the installation of apps from unknown sources, e.g., only download  from well-known and trusted app stores (although they are not foolproof).
  • Observe all corporate bring-your-own-device (BYOD) and related policies.

In addition, ISO lists some common sense advice regarding mobile devices, as included below:

  • Do not openly display a device — keep it in a pocket or handbag.
  • If possible, avoid using it in crowded areas.
  • Properly mark your phone with your ZIP code.
  • If the phone is lost or stolen, report it immediately to the police and to your service provider.
  • Be aware of your surroundings and the people near to you.
  • Do not leave it unattended – keep it with you at all times.
  • Make a note of your phone’s IMEI number.
  • Do not leave a device in view in an unattended vehicle.

( This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. To learn more about tech news and analysis visit Tech Page One. Dell sponsored this article, but the opinions are our own and don’t necessarily represent Dell’s positions or strategies.)

Bookmark and Share

Cloud Musings

( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2012)

Follow me at https://Twitter.com/Kevin_Jackson
Posted in

G C Network