Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

10/28/2016
02:00 PM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

5 Signs Your Smartphone Has Been Hacked

Mobile devices are increasingly popular vectors for cybercriminals targeting the enterprise. How to tell when a smartphone may be under attack.
Previous
1 of 6
Next

It's easier than ever to use smartphones as go-to devices for accessing sensitive data and critical apps. Unfortunately, it's also easier for cybercriminals to take advantage of them. 

"We're starting to see public indications that mobile devices are an amazing vector to attack," says Yair Amit, CTO and cofounder of mobile defense company Skycure. "More and more attacks target data on these devices: email, chat, credentials to other services." 

Amit explains how smartphones are helpful for productivity but double as "ideal tracking devices" for bad guys as people rely more heavily on them. 

"If I compromise your devices, I can steal data and credentials, but I can also monitor where you go, whom you meet with, why you meet with them, and what you say," he continues. 

Mike Murray, VP of security research and response for Lookout, emphasizes the shift in cyberattacks to mobile devices among enterprise users -- ironically, because of security measures already in place. 

"Until now, general attacks in the enterprise were on computers," he explains. "Because of the rise in two-factor authentication, and because of two-factor authentication via phone, the phone has become part of the cyber kill chain." 

If a hacker wants privileges within an organization, or their VPN, at some point he or she will have to compromise an employee's phone. 

The severity of business risk varies from victim to victim, Murray says. If an entry-level human resources employee says their phone is acting strange, it may spark less concern than if the same complaint came from a high-level exec who was recently on a major assignment overseas. 

"The risk profile is less about behavior than about why the behavior is likely," Murray explains. 

Black Hat Europe 2016 is coming to London's Business Design Centre November 1 through 4. Click for information on the briefing schedule and to register.

Businesses face several challenges when it comes to strengthening their mobile security. Employees bring several types of devices, powered by multiple carriers, and running many versions of different mobile operating systems. 

Unlike PCs, corporate mobile phones often double as personal devices. BYOD policies complicate security because employees are the owners, says Amit. Many times, businesses will implement safeguards that fail because employees simply don't like them. 

Murray also acknowledges a mindset problem. Many people don't yet realize the huge problem mobile security presents to the business. 

"We think of the phone as an extension of the Motorola flip phone, not realizing it's the most powerful digital access device that we have," he says. If more organizations would recognize the need to take mobile threats seriously, it would change the enterprise security posture. 

Here are some key red flags that could indicate a smartphone has been hacked.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 6
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
JamesF695
50%
50%
JamesF695,
User Rank: Apprentice
10/30/2016 | 2:22:07 PM
Thanks!
This was useful and informative
prostarjackets
0%
100%
prostarjackets,
User Rank: Apprentice
11/3/2016 | 3:49:06 AM
hi
The creative writing has inspired me a lot. I hope to see the same effort in the future too.

 
newamericanjackets at the walking dead jacket

I read the whole article by the author and I must say it is very nice. Thank for your sharing.
rjbarbal
100%
0%
rjbarbal,
User Rank: Apprentice
11/4/2016 | 12:51:02 PM
What to do next
Giving the signs of a hacked smartphone is useful for recognition, but including advice on what to do next to recover would be even better.  So, what to do next?  Here are some ideas on what to do if you suspect that your phone or other mobile device is infected:
  • install and run mobile anti-malware software (preferably from more than one vendor)
  • remove any apps that you don't recognize
  • consider wiping the device, restoring factory settings, and reinstalling apps from trusted appstores
  • use mobile security software on your device going forward
  • consider showing the device to a professional, especially if you think it might have been rooted
  • seek the cause of the infection, if possible, and take training on preventing future incidents
  • work with your incident response team to determine the extent of any breach of confidential data and how to respond
  • be more careful in the future

 
Stop Defending Everything
Kevin Kurzawa, Senior Information Security Auditor,  2/12/2020
Small Business Security: 5 Tips on How and Where to Start
Mike Puglia, Chief Strategy Officer at Kaseya,  2/13/2020
5 Common Errors That Allow Attackers to Go Undetected
Matt Middleton-Leal, General Manager and Chief Security Strategist, Netwrix,  2/12/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20477
PUBLISHED: 2020-02-19
PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342.
CVE-2019-20478
PUBLISHED: 2020-02-19
In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safe_load in these use cases.
CVE-2011-2054
PUBLISHED: 2020-02-19
A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. The vulnerabilities is due to improper in...
CVE-2015-0749
PUBLISHED: 2020-02-19
A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on the affected software. The vulnerabilities is due to improper input validation of certain parameters passed to the affected software. An attacker ...
CVE-2015-9543
PUBLISHED: 2020-02-19
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is rel...