Mobile device security: A new frontier for hackers

Microsoft vs Google in Cloud Computing

By G C Network | May 22, 2008

Many took note of the Randall Stross essay in the New York Times last weekend. In it he succintly described why Microsoft is failing in it’s attempt to bridge the…

IBM at Forrester IT Forum

By G C Network | May 22, 2008

At the Forrester IT Forum yesterday in Las Vegas, Rick Lechner, VP Enterprise Systems at IBM, made the following comments The changing face of globalization (transformation from exporting to multi-nationals…

HP & EDS

By G C Network | May 21, 2008

In an interesting take on his Enterprise Architecture blog, Chris Pearson sees the HP acquisition of EDS as a ploy by HP to remain relevant in a cloud computing world.…

The Library of National Intelligence (LNI) – A Possible Cloud Application

By G C Network | May 20, 2008

In the MAZZ-INT Blog a couple of weeks ago, Joe Mazzafro artile on “Intelliigence and the Concept of Customer” stated that a “realistic business model for the IC to assume…

Net-Centric Enterprise Services – An Update

By G C Network | May 19, 2008

Net-Centric Enterprise Services (NCES) is about to enter the initial operational test and evaluation phase. NCES are a set of capabilities that support network-centric warfare operations and information sharing. It…

Microsoft Renews Yahoo Bid

By G C Network | May 19, 2008

Microsoft renews Yahoo bid and is now offering to buy a piece of Yahoo. I believe this is just the opening of the second round. Follow me at https://Twitter.com/Kevin_Jackson

Cloud Computing Risk

By G C Network | May 18, 2008

CIO.com reviewed the top three concerns that the IT executives have regarding the adoption of cloud computing – security, latency, and SLA. These concerns seem similar to those previously assigned…

Grid vs. Cloud – May 17, 2008

By G C Network | May 18, 2008

From Geva Perry’s April 25th blog Cloud Computing overtaking the term Grid Computing With the term “cloud computing” rapidly being hyped everywhere, I did this little exercise on Google Trends…

Blogsphere Clouds – May 16, 2008

By G C Network | May 18, 2008

The cloud is billowing in the blogsphere !! Virtual Computing in the Cloud — How a Universal Dialtone Will …Virtual Cloud Computing represents the next wave of virtualization and offers…

Gartner on Cloud Computing / Yahoo vs. Icahn- May 15, 2008

By G C Network | May 18, 2008

Gartner thinks that cloud computing may be the next big thing: By 2012, 80 percent of Fortune 1000 enterprises will pay for some cloud computing service and 30 percent of…

Recent security breaches have heightened our awareness of cybersecurity issues. The hack and other security breaches have resulted in unprecedented damages. However, the majority of mobile device users have yet to be sensitized to their personal and corporate security risks.
Staples
For example, a security study found that 69 percent of users store sensitive personal information on their mobile devices.  Examples include banking information, confidential work-related items and provocative videos and photos. In addition, 51 percent of mobile device consumers share usernames and passwords with family, friends and colleagues. This in spite of the fact that 80 percent of such devices are unprotected by security software. 
While mobile device security attacks are relatively small, they are the new frontier for hackers.  Listed below are highlights from several mobile device surveys:

  • The four top threats to mobile devices include: 1) lost and stolen phones; 2) insecure communications; 3) leveraging less-secure, third-party app stores; and 4) vulnerable development frameworks.
  • One in 10 U.S. smartphone owners are victims of phone theft.
  • Mobile malware attacks are increasing, with 2014 exhibiting a 75 percent increase in Android malware attacks on devices.
  • The use of mobile devices to access enterprise resources introduces significant security risks.

Cyberattackers are typically attempting to obtain access to sensitive or personal data, and then use it to access financial accounts. Some methodologies used include social engineering, distributing and executing malware, and accessing data through public Wi-Fi networks.
A recent survey found that phishing and scams for winning free stuff were the most popular SMS attacks. Unsolicited SMS messages attempted to trick users into providing detailed, sensitive information about their financial accounts at major banks. The mobile malware StealthGenie secretly monitors calls, texts and videos on mobile phones. Bitdefender has been able to break the secure communications between a Samsung watch and an Android device with ease, using brute force sniffing tools. (See “5 New Threats to Your Mobile Device Security” for more information.)
These are a sampling of the numerous cybercriminal methodologies for accessing user finances and data. Listed below are some user actions for reducing or minimizing a successful attack:

  • Always enable password or PIN protection on your device.
  • Run scans using a respected security and malware program on a regular basis (see the best antivirus software for Android devices).
  • Subscribe to managed mobile device services such as anti-malware and mobile device locator services; also lock the device and wipe all data in the event of device theft.
  • Encrypt mobile device data.
  • Install/run the latest versions of your device OS and all mobile apps.
  • Upgrade to the most recent firmware for your mobile device.
  • Do not access secure or highly sensitive information while using public Wi-Fi networks.
  • Avoid clicking on ads on your mobile devices.
  • Do not configure phones to allow the installation of apps from unknown sources, e.g., only download  from well-known and trusted app stores (although they are not foolproof).
  • Observe all corporate bring-your-own-device (BYOD) and related policies.

In addition, ISO lists some common sense advice regarding mobile devices, as included below:

  • Do not openly display a device — keep it in a pocket or handbag.
  • If possible, avoid using it in crowded areas.
  • Properly mark your phone with your ZIP code.
  • If the phone is lost or stolen, report it immediately to the police and to your service provider.
  • Be aware of your surroundings and the people near to you.
  • Do not leave it unattended – keep it with you at all times.
  • Make a note of your phone’s IMEI number.
  • Do not leave a device in view in an unattended vehicle.

( This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. To learn more about tech news and analysis visit Tech Page One. Dell sponsored this article, but the opinions are our own and don’t necessarily represent Dell’s positions or strategies.)

Bookmark and Share

Cloud Musings

( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2012)

Follow me at https://Twitter.com/Kevin_Jackson
Posted in

G C Network