The Three Most Frequently Attacked Mobile Devices
Android devices, tablets, and jailbroken devices top list of riskiest mobile products in the enterprise setting
As mobile devices continue to become more sophisticated and more integral to employees' everyday work lives, these mini computers in our pockets and handbags continue to become bigger and bigger threats to IT security.
"The proliferation of the devices is happening so fast, and people are now pushing the limits on what they're using the devices for that IT is having a hard time keeping up," says Dave Hansen, CEO of Numara Software.
More Security Insights
- 10 Steps to Cleaning up Active Directory
- The Active Directory Management and Security You've Always Dreamed of
- Innovations in Integration: Achieving Holistic Rapid Detection and Response
- COBOL in the Big Data Era: A Guide
So many devices are big risks because critical information runs freely through them and security procedures are ignored for the sake of expediency -- these are tools built for convenience, after all. Most troubling, it is often the executive suite that champions fewer security controls so they can continue to use these mobile tools without fetters. That leads to an almost willful ignorance from IT, who would rather not butt heads with senior management.
"It's bizarre. I was a CIO for a Fortune 500 company, and I remember five years ago when I was the one that put passwords on BlackBerrys and thought they were going to burn effigies of me in the lobby," Hansen says. "There was yelling and debating going on at the executive level as to why we would to that ."
But ignorance gets us nowhere. In order to mitigate the risks, IT first needs to identify them. The following three devices are some of the biggest security threats to your infrastructure, whether you know it or not.
Devices running on Android OS are increasingly becoming a favorite among hacker for two big reasons: market share and openness.
As the number of Android devices has proliferated the market, it becomes an ideal medium for attackers to look for common vulnerabilities and quickly spread malware.
“Android took the lead in 2011 as the most often attacked mobile computing platform. With more than 45 percent share of the smart phone market, it's no surprise Android is the leading attacked platform," says Adam Powers, CTO of Lancope. "As we've seen with the Windows desktop OS, attackers follow the masses. Android smart phones offer softer targets compared to Apple's iOS and Blackberry OS. Market share combined with an accommodating attack surface have put Android phones in the cross hairs of many attackers.”
That accommodating attack surface is predominately caused by the open attitude about application development and distribution, says James Lyne, director of technology strategy for Sophos.
"It’s simple to write an application, malicious or otherwise, and distribute to phones," he says.
What's more, the open source platform gives attackers the opportunity to scour Android OS source code to look for ways to attack.
"The Android OS is more open than others, allowing attackers to more easily understand the device from a source code level," says Tyler Shields, senior researcher for Veracode. "Even more risky, from an application level, Android admits to not verifying the security of applications made available in their app store, which puts consumers at risk."
All Tablets, Especially iPads
Tablets combine the power of laptops with the portability of a magazine, making them a favorite of senior executives and power users who tend to use these devices to access the most important company information.
"Senior executives are bringing tablets from home. They're doing this because they're into high tech, and they want to be more productive and increase their efficiencies and become the most cutting edge person a work. For obvious reasons, that's wonderful but its creating huge headaches for CISOs and CSOs," says Tom Kellermann, CTO of AirPatrol. "Not only can someone hack the tablet and the back end network that it connects to through man in the middle attacks, but also you can then hack the tablet and then turn the microphone and the camera on in settings they shouldn't be on, like board rooms."
With the iPad taking up the biggest market and mindshare in this category, its no surprise that these devices are a big risk. This is especially true given how iPads are typically used. They're primarily designed to process documents and data and store them offsite, syncing up with insecure cloud storage applications that just open up a whole other can of worms for IT.
"iPads pose the worst risk as far as data leakage in concerned since they are mainly used for consumption of enterprise information in various form of documents," says Guy Levy-Yurista, vice president of products and development for AirPatrol. "This sensitive info is not properly encrypted, and is rarely confined to the device; it can be easily forwarded to a private account and out of the control of the enterprise."
When devices are jailbroken, IT tends to lose any ability to control how they interact with network assets or how they're configured.
"This applies to iOS, Android, BlackBerry (and so on). A mobile device that has been jailbroken is one that's had its safety net removed. The makers of these devices are doing the best job of making truly safe systems, and jail breaking them makes them vulnerable," says Jon Callas, CTO for Entrust. "The only known iOS malware, for example, runs on jailbroken devices. It doesn't matter if it is a jailbroken iPhone or a Chromebook in developer mode, when you take the OS blade guards off, you're at risk."
In particular, jailbroken iPhones can be a big problem because they lose the 'walled garden' of closed configurations that Apple's built around them and because they're at the mercy of users who might use a tutorial to jailbreak but have little fundamental knowledge of how the technology really works.
"Most jailbroken iPhones haven’t modified the password used to jailbreak the device which allows the creation of rapid moving worms using the SSH service," Levy-Yurista says.
These three device classes are just a fraction of the risks posed by mobility. There are plenty of other devices and applications that put the enterprise at risk, too. Fundamentally, the real risk is treating mobile device security as a non-issue.
"This is a bit like asking what the three most dangerous things in the kitchen are. The knifes are obvious, as is the stove. I can get dramatic and mention the food processor. I could be esoteric and mention the mandolin or any other slicer. Or I could be puckish and tell you how the ice maker is dangerous," Callas says. "The reality is that the kitchen is a dangerous place to the careless or actively stupid.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.