Metova are the minds behind CyberCENTS cybersecurity training programs. Read on for a link to their full article as well as a quick rundown of their top 5 biggest mobile threats facing security professionals today.
1. Clone Wars
Do you have Instagram on your phone? Pokemon Go? Counter Strike? Breadwallet? All of these applications have been the target of malicious app cloning. In order to do this, hackers create similar applications designed to trick a user into downloading them. Users blindly give the app permission to access the device as if it were the original app. Then it becomes easy for the application to commence its dirty deeds.Check out the full article to learn ways to protect yourself!
2. Android “Instant App” Vulnerabilities
This past year at Google I/O 2016, the idea of instant apps was introduced. Instead of needing to wait and download an entire application to use a piece of functionality, only that one piece is run. Because the applications will need to be modularized, there is a new opportunity for backdoors and malicious code to be added. Since many applications are already in the Play Store, the approval process for updates may be more lax, allowing for malicious additions to enter unnoticed.
3. Mobile Ransomware
Mobile ransomware was in our list of top mobile security threats last year. This year, it is still a top vulnerability. People live their lives on their phones. They are used for everything from social interactions to shopping to working. Ransomware expects that your device stores large amounts of important information- information you would willingly pay large sums of money to get back if it became unavailable.
4. SMS-based Attacks
Up until recently, two-factor authentication via SMS has been a recommended option for safer login. After entering a username and password, a user must then submit a code sent to them via text to complete authentication. It is unlikely that a person’s username, password AND physical device would be compromised at the same time. Unfortunately, now through redirection or interception, hackers can access an SMS without needing the actual device. Because of this, NIST (the National Institute of Standards and Technology) is considering removing out-of-band authentication using the SMS from their guidelines.
5. Improper Platform Usage
Operating systems come with security features and best practices. iOS has a keychain feature that assists applications in the storage of passwords and any other bits of secure data. Others may focus on payments, permissions, or communication. These features are there to guard against a variety of vulnerabilities. When these are overlooked, misunderstood, or blatantly ignored, it makes an application vulnerable. Use a developer who is familiar with the ins and outs of the platform to ensure your application takes advantage of these features.
Click here to read the full article which includes the rest of the top 10 list along with tips to keep yourself safe against these cyber threats.
Looking to validate your cyber security skills?