Mobile device security: A new frontier for hackers

NCOIC Discusses e-Discovery and Cloud Computing

By G C Network | March 22, 2010

Last week during its weekly meeting, the NCOIC Cloud Computing Working Group (CCWG) examined some of the legal aspects surrounding electronically stored information. With government use of cloud computing expected…

Take the survey, get a book!

By G C Network | March 20, 2010

“Cloud Musings”, in cooperation with Aditya Yadav & Associates, is conducting a new cloud computing survey. This short, eight (8) question poll, is designed to gauge general corporate plans around…

Army Knowledge Leaders Study Cloud Computing

By G C Network | March 12, 2010

This week it was my pleasure to explore cloud computing with Army Knowledge Leaders (AKL) ! AKL is an intensive 2 year experience of training and work rotations designed to develop leadership,…

Northrop Grumman & Lockheed Martin Selected for CANES

By G C Network | March 9, 2010

   Last week the US Navy awarded initial CANES contracts to Northrop Grumman and Lockheed Martin. Navy officials place the contract values at $775M for Northrop and $937M for Lockheed.…

NCOIC Analyses Cloud Computing With SCOPE

By G C Network | February 24, 2010

Last week, the Network Centric Operations Consortium (NCOIC) Cloud Computing Working Group (CCWG) started it’s work on cloud interoperability in earnest. The first step in their process is the completion…

TASER Awarded: The NGA ASP/ISP Transition Contract

By G C Network | February 17, 2010

The National Geospatial-Intelligence Agency (NGA) has awarded the Total Application Services for Enterprise Requirements (TASER) contract to: Accenture National Security Services, LLC BAE Systems Information Technology, Inc. The Boeing Company-Autometric,…

EuroCloud Expands Quickly

By G C Network | February 16, 2010

Last October I introduced EuroCloud as a pan-European business network with the goal of promoting European use of cloud computing.  In the intervening three months, the organization has grown to…

Joining NJVC: A Professional Plateau

By G C Network | February 8, 2010

This week I begin a new and exciting phase of my professional career by joining the NJVC Enterprise Management Team! For those unfamiliar, NJVC is one of the largest information…

DoD Deputy CIO on Secure Information Sharing

By G C Network | February 3, 2010

Today on Federal Executive Forum, Dave Wennergren, Deputy CIO, Office of the Secretary of Defense, shared his views on secure information sharing. Mr. David M. Wennergren serves as the Deputy…

Training Conference: Cloud Computing for DoD & Government

By G C Network | February 1, 2010

Please join me at the Cloud Computing for DoD & Government training conference, February 22-24, 2010 at the Hilton Old Town in Alexandria, VA. This unique conference agenda blends interactive…

Recent security breaches have heightened our awareness of cybersecurity issues. The hack and other security breaches have resulted in unprecedented damages. However, the majority of mobile device users have yet to be sensitized to their personal and corporate security risks.
Staples
For example, a security study found that 69 percent of users store sensitive personal information on their mobile devices.  Examples include banking information, confidential work-related items and provocative videos and photos. In addition, 51 percent of mobile device consumers share usernames and passwords with family, friends and colleagues. This in spite of the fact that 80 percent of such devices are unprotected by security software. 
While mobile device security attacks are relatively small, they are the new frontier for hackers.  Listed below are highlights from several mobile device surveys:

  • The four top threats to mobile devices include: 1) lost and stolen phones; 2) insecure communications; 3) leveraging less-secure, third-party app stores; and 4) vulnerable development frameworks.
  • One in 10 U.S. smartphone owners are victims of phone theft.
  • Mobile malware attacks are increasing, with 2014 exhibiting a 75 percent increase in Android malware attacks on devices.
  • The use of mobile devices to access enterprise resources introduces significant security risks.

Cyberattackers are typically attempting to obtain access to sensitive or personal data, and then use it to access financial accounts. Some methodologies used include social engineering, distributing and executing malware, and accessing data through public Wi-Fi networks.
A recent survey found that phishing and scams for winning free stuff were the most popular SMS attacks. Unsolicited SMS messages attempted to trick users into providing detailed, sensitive information about their financial accounts at major banks. The mobile malware StealthGenie secretly monitors calls, texts and videos on mobile phones. Bitdefender has been able to break the secure communications between a Samsung watch and an Android device with ease, using brute force sniffing tools. (See “5 New Threats to Your Mobile Device Security” for more information.)
These are a sampling of the numerous cybercriminal methodologies for accessing user finances and data. Listed below are some user actions for reducing or minimizing a successful attack:

  • Always enable password or PIN protection on your device.
  • Run scans using a respected security and malware program on a regular basis (see the best antivirus software for Android devices).
  • Subscribe to managed mobile device services such as anti-malware and mobile device locator services; also lock the device and wipe all data in the event of device theft.
  • Encrypt mobile device data.
  • Install/run the latest versions of your device OS and all mobile apps.
  • Upgrade to the most recent firmware for your mobile device.
  • Do not access secure or highly sensitive information while using public Wi-Fi networks.
  • Avoid clicking on ads on your mobile devices.
  • Do not configure phones to allow the installation of apps from unknown sources, e.g., only download  from well-known and trusted app stores (although they are not foolproof).
  • Observe all corporate bring-your-own-device (BYOD) and related policies.

In addition, ISO lists some common sense advice regarding mobile devices, as included below:

  • Do not openly display a device — keep it in a pocket or handbag.
  • If possible, avoid using it in crowded areas.
  • Properly mark your phone with your ZIP code.
  • If the phone is lost or stolen, report it immediately to the police and to your service provider.
  • Be aware of your surroundings and the people near to you.
  • Do not leave it unattended – keep it with you at all times.
  • Make a note of your phone’s IMEI number.
  • Do not leave a device in view in an unattended vehicle.

( This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. To learn more about tech news and analysis visit Tech Page One. Dell sponsored this article, but the opinions are our own and don’t necessarily represent Dell’s positions or strategies.)

Bookmark and Share

Cloud Musings

( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2012)

Follow me at https://Twitter.com/Kevin_Jackson
Posted in

G C Network