To help companies stop mobile cyberattacks before they occur, Check Point has drawn up a list of the most common threats, and explains how to fight them:
1. System Vulnerabilities
Each version of an operating system for a mobile device has vulnerabilities that cybercriminals take advantage of. Android is particularly vulnerable: its more than 24,000 different types of smartphones and tablets are not updated consistently and simultaneously. Most devices still use earlier versions of the operating system in which these security errors have not been corrected.
The solution against this problem is the implementation of a solution that analyzes them to discover vulnerabilities and strange behaviors. When a threat is identified, the solution should automatically mitigate any risk until it is eliminated. With a better visibility of the vulnerabilities of mobile device systems, the risk of attack can be reduced.
2. Root And Configuration Changes
The root access allows users to customize and configure, but also gives easy access to cybercriminals. Some settings, such as allowing an Android device to install third-party applications from unknown sources, expose important vulnerabilities.
Companies need to have a complete solution to monitor changes in the device, including analysis to detect strange behaviors. This solution must be integrated with mobile device management (MDM) or enterprise mobility management (EMM) systems to restrict access and make real-time policy adjustments based on the risk of compromised devices.
3. Fake And Repackaged Apps
Criminals create almost identical copies of legitimate apps with the same icons, descriptions, screenshots and even user comments. Other times, they simply download a legitimate application, add malware and publish it in an unofficial store.
When downloading an infected program, victims receive malware in the form of a subscription to a premium SMS message service or surveillance tool. Malicious applications can, for example, enable the use of the camera and microphone remotely to spy on their victims.
To avoid being a victim of a malicious app, the first step is to use only the official Google and Apple stores. In addition, an advanced mobile security solution is needed to identify if it contains malware before it is installed, and remove it in case it poses a danger to the user.
4. Trojans And Malware
A Trojan is a type of malware that is hidden inside an application or that is installed through an unsecured network connection. You can listen and record your victim’s conversations, download your call log, track your location, record keyboard activity and collect used passwords.
To eliminate malware, a tool that analyzes applications and is able to identify their origin must be implemented. You should also be able to identify strange patterns and behaviors, such as using the device’s microphone to record sound files that you then send to external servers.
5. Man-In-The-Middle Attacks
Man-in-the-Middle attacks can spy, intercept and alter traffic between two devices, as well as steal credentials, messages and confidential information. There are warning signs that make these threats can be detected on PCs and laptops, such as a strange url (amaozn.com instead of amazon.com, for example). However, in smartphones with small screens the web address is sometimes hidden. In addition, an attacker can create a fake network or spy and alter the encrypted communications of a legitimate one using forged certificates or hacking it so that the traffic is no longer encrypted.
To combat these attacks, an analysis is needed that can detect malicious behavior and automatically disable suspicious networks to keep devices and data safe. It is also advisable to implement a secure virtual private network (VPN) on the device to protect the privacy and integrity of communications and minimize the impact of an attack.
Mobile devices, the networks they connect to and the applications they run can be exploited to steal confidential information such as documents, calendar appointments, emails, texts and attachments. Cybercriminals can use a device’s microphone and camera to spy on closed-door meetings and then send recordings to a secret remote server. They can even capture usernames and passwords when users connect to corporate systems that contain confidential data.
Unprotected connections, or those that use old or faulty security measures, allow cybercriminals to spy, steal or change data sent to and from devices. Malicious applications can give attackers virtually unlimited access to a device, its data and its network.
The advanced threat detection and response are critical components effective to prevent advanced attacks on smartphones and tablets. Traditional security solutions can identify known threats, but cannot detect newly created malware or vulnerabilities in networks, operating systems and applications.