Data Leaks and Apps
NowSecure discovered that nearly 25% of all mobile applications have some sort of serious security flaw, putting at risk any business connected to the Internet of Things (IoT). Cybercriminals are not only using ransomware on dedicated servers, office computers, and mobile devices; they are also delivering it through applications found to have major security flaws, sometimes referred to as “leaky applications”. A solution is to install vulnerability scanning software on all devices. These scanners help spot security issues and must be run on a frequent basis.
Several different pieces of technology connect to each other as well as to the internet. This creates several points of entry into a business’s sensitive data and produces a more complicated security environment. Make sure to inform employees of required security standards. In addition, harden all devices and protect them 24/7. The compromise of a mobile device does not necessarily end with that device alone. Cybercriminals use mobile devices merely as a starting point for additional activities that damage a firm’s security.
Many free applications are a simple and sure way for hackers to gain access to supposedly secured systems. This starts with at least the mobile device itself, possibly going from there to other connected devices.
In its 2016 Mobile Security Report, NowSecure analyzed over 400,000 applications available on the Google Play online store and discovered some alarming and worrying facts. Apps account for up to 87% of the time spent on a mobile device. Of those apps, nearly 25% had a high-risk security flaw. Not all risky apps may technically be considered as having a security flaw: apps transmitting sensitive data may also be considered a security risk for an organization. Knowing what data is being leaked, how, and why is an important issue for any business. Also, not all organizations have implemented strong security protocols when it comes to bringing BYOD into the workplace. Half of all apps on mobile devices transmit some form of data to somewhere.
One of the hardest problems, once an issue is discovered, is determining where an attack is coming from and what data has been at risk.
A constantly evolving IoT makes this issue more difficult, especially with BYOD in the workplace, where users have games installed on their devices. NowSecure estimates that, out of all the apps available, games are 1.5 times more likely to have a high-risk vulnerability. This, again, can lead to ransomware: the user is locked out of the mobile device and/or the cybercriminal reaches other systems via that device and prevents access to them. Ransomware does not only involve large organizations able to pay large sums of money. All businesses, from SMBs to a business run by an individual, can be targets of these attacks too.
Delivering ransomware via email attachments and random downloaded files is not as effective as it once was, since employees are more skilled at spotting these attempts. Apps have become a more popular tool for carrying out cybercriminal activity.
A recent survey sponsored by Tenable within the LinkedIn Information Security Community revealed that just over 70% of respondents have BYOD in the workplace. These same devices are accessing several SaaS applications, the most popular being email, calendars, and contact management information. Alarmingly, 39% of these respondents revealed that malware had been downloaded onto their mobile devices, which again points to the fact that cybercriminals are targeting these devices more frequently. (HummingBad was notoriously bad malware that would install malicious apps.) Many other sources also confirm the popularity of BYOD in the workplace.
21% of respondents in the same Tenable survey reported experiencing a security breach through BYOD or mobile devices. Outdated smartphone operating systems on older phones are also a security risk, especially if security updates have not been installed on these insecure phones.
The situation becomes especially difficult if cybercriminals learn the standard behavior and patterns within a company. They can then emulate those patterns and, for example, pretend to be a colleague (or friend) “forwarding” a message and asking the recipient to open an attachment for them because they are having difficulty. The lure may also be a snazzy new email app, available as a free download, that claims to open anything, or a file viewer app from an unknown publisher. A synchronized location hosted on a dedicated server, for example, can end up infecting several devices at once this way if several employees are connected to it.
A good resource and starting point for determining a firm’s security state is Rapid7.com, which has free security tools to scan for issues and, through its vulnerability management and penetration testing tools, determine whether there are any vulnerabilities.
One of the strongest defenses any firm can have is a willingness and ability to adapt to evolving technologies to improve its security defenses. IoT security is never at a standstill and is always evolving. Application Security (AppSec) should play a strong part in cyber security, especially since mobile devices are gaining in popularity and in many cases even replacing large stationary computers.