It is now possible to access your company resources whenever you need to, whether working from your living room, sat in a restaurant or chilling in the park. When you do need to work from the office, smartphones and tablets are often a lot more convenient to use than a bulky laptop. The benefits of having a computer that fits in your pocket or bag are hard to ignore, especially for people who are always going from meeting to meeting. In short, the flexible working opportunities presented by mobile devices are copious and there to be harnessed by companies who want the most from their employees.
However, according to Cisco’s 2014 Annual Security Report, the creation of mobile malware is also on the increase. This could be the cause of severe headaches for businesses, as more and more access to company information is becoming available via mobile platforms. But, despite being aware of the risks, employees can be careless about the security of their mobile devices. We have become so comfortable using our company devices for personal reasons in day-to-day life, that we often forget about how much access they provide to confidential company files and other data. The vulnerability of an unknown Wi-Fi connection is often the last things on a person’s mind, as they think about that urgent email they need to send.
It is crucial to be aware of these risks, as we operate in this age of ‘industrialised hacking’. Nowadays, attacks are not likely to come just in the form of a one file that infects individual devices. They are made up of multiple moving parts, that start with one device getting infected, via an email or a link to a compromised website, and typically result in the attackers moving around laterally within the target organisation until they find the data they were looking for. It is also more difficult to determine the type of person that is likely to be the attacker. In this connected world we live in, the chances are there’s someone out there that’s motivated to break into your organisation’s network and, with the industrialisation of hacking, they don’t even need to possess all the skills to see their plan through. They can merely rent attack tools from someone who does! Exploit kits, such as BlackHole and Cool Exploit Kit, continue to be very popular with attackers, as they are cost effective and relatively simple to use and are continually updated to include the latest vulnerability exploits. And, when the authorities catch up with the authors, as was the case with BlackHole in October 2013, then new kits just spring up to replace them.
There is clearly a lot to be concerned about and malware that is designed specifically to exploit mobile device vulnerabilities is becoming a huge blot on the security landscape. Users’ appetite for new creative and innovative apps is insatiable, which poses a real challenge for those looking to securely enable their use for business purposes. It is difficult to restrain users from downloading new apps, but ensuring they stay away from unofficial app stores is vital – the recent story about malware posing as Google’s official Play Store proves just how careful people have to be when downloading files of any kind to their smartphone. Mobile devices are just as vulnerable to the oldest tricks in the book as their desktop predecessors. Hackers can take advantage by sending malicious links to those busy travelling, and therefore not concentrating properly, as they read emails on their phone. Just one moment of distraction and a mobile device can be instantly infected.
Despite all of these risks, it is difficult to ignore the advantages of the mobile device for businesses. And why should they have to? Companies have a responsibility to put in place policies covering when and how mobile devices should be used at work, and ensure their workers are properly educated about the security implications. Before an attack, organisations should establish control over where, when and how mobile devices are being used and what data they are able to access and store. During an attack, complete visibility is crucial for professionals to identify compromised devices and monitor their activities, across the extended network. After an attack, companies need to quickly review how the threat was able to enter the network, which systems it interacted with and what applications and files were run. This will allow the scope to be determined and the threat to be contained and then cleaned up as quickly as possible. By having these plans in place to detect, prevent and remediate the threat of mobile malware, organisations will at least have a shot at staying one step ahead of increasingly cunning cyber-criminals.
Sean Newman, Security Strategist at Cisco.