The IT threat landscape in Australia is mobilising as companies allow employees to access corporate assets with their own mobile devices. It’s vital that key decision-makers understand the user behaviour and trends which are leaving employees open to threats through BYOD initiatives.
In the desktop world, cybercriminals can easily purchase exploit kits on the underground market and use malnet infrastructures to continually launch malware attacks on workers. While weaponised exploits that target mobile devices have not yet appeared in the underworld, established desktop attack techniques such as pornography, spam and phishing that have worked well are now successfully migrating to the mobile world.
Many of these tactics are device agnostic, so expanding the attack to target mobile devices is relatively simple. Phishing, scams and spam target users on all devices in an effort to convince users to provide credentials or other confidential information, such as credit card information. This means that most mobile browsing danger is currently from ‘mischiefware’ as a result of ‘for-pay’ services run by cybercriminals.
User behaviour drives threats
Blue Coat’s mobile security report released last month analysed data from 75 million users worldwide and identified several weaknesses in mobile use that enhance the risk of threats:
• Mobile users are big consumers of recreational content – the percentage of requests for recreational content is twice as high for mobile users over desktop users. Recreational content is exactly where cybercrime posts their “bait” links for unsuspecting users
• Links are often truncated or shortened via a service such as “bit.ly”, which impedes a user’s ability to determine safe sites from unsafe sites.
• Mobile versions of websites are often crafted and hosted by third parties, which conditions users to become comfortable visiting unknown URLs.
• Mobiles devices increase the risk of passwords being exposed to an onlooker. They typically expose the password, character by character, to allow people to read from a distance.
• It is difficult to determine security quality of mobile applications, which results in unencrypted personal data is often sent over open networks.
Android security risks
The unregulated app market and diversity of Android-based devices ensures that cybercriminals will find greater success targeting these platforms. Android malware is rapidly increasing with a 600 percent increase seen in June - September 2012 when compared to the same period in 2011.
One thing is clear: cybercriminals are launching more threats aimed at smartphones and tablets. They are becoming more effective at driving users to those threats.
What companies can do
With Australian companies continuing to adopt BYOD initiatives and allowing employees to access corporate assets with their own devices, it’s important to ensure security controls extend to mobile devices as well with a minimum level of security.
As a first step, extending an enterprise-class real-time web security solution to include mobile devices is a great move towards protecting your employees.
From a security perspective, users will tend to go with the application that provides the best user experience even if it is not the most secure option. For example, if logging into a VPN is cumbersome or provides poor performance, a user will find another way to send out documents. That method won’t always be secure or even compliant with regulations.
Closing the mobile application gap on your network is also essential. Make sure you can see and consistently enforce policy across all three types of applications (and their operations) that may be running on your network including:
• Desktop based web applications
• Mobile web applications
• Native mobile applications.
It is important to adopt best practice which includes blocking all content to mobile and desktop devices from dangerous categories, including pornography, phishing, spam and even suspicious web sites.
Another tip is to block executable content from un-rated domains and categories that typically host malware, such as Dynamic DNS hosts.
Jonathan Andresen is director of product marketing at Blue Coat Systems