Mobile Cyber Attacks: How to Stay Protected in an Overly-Connected World

Back to all articles

Mobile Cyber Attacks

It is no secret that today’s society relies heavily on their mobile devices. From tracking your calorie count and fitness progress to paying for your groceries with a swipe of your finger, our mobile devices have essentially become an extension of ourselves. In many ways, these devices bring a new age of simplicity to a complex world, but this simplicity can come at a high price. This blog will shed light on mobile cyber attacks, and ways to overcome them.

The movement towards a more mobile workforce has forced organizations to adapt their business practices to extend far beyond the safety and security of their networked environments. The evolution from company-issued Blackberrys to BYOD (Bring Your Own Device) has created an expansive attack surface for an organization’s security team to manage and protect.

Since an organization’s attack surface has grown to include networked space that is not under their control, how can they keep their users safe when on the go? As with everything that makes up the security space there is no “one-size fits all” solution. However, one of the most important actions an organization can take to combat this security risk is to create informed users.

Informed users are an organization’s first line of defense. The more informed their user-base is, the less likely they will become a victim of a mobile attack. Many organizations may already have or are working to create policies and procedures around BYOD to convey the rules and best practices to keep not only their users safe, but to keep the company data and integrity protected. Just like any policy or procedure implemented within an organization, these mobile device policies should be regularly reviewed and updated as new threats or features are introduced. Let’s take a look at some of the threats our users face, and ways to help them reduce their risk when they’re on the go.

Phishing

It seems no matter who you are, CEO or a regular everyday user, you run the risk of falling victim to a phishing attack. In a phishing attack, attackers present themselves as a legitimate person or firm to try and trick unsuspecting users into handing over valuable data about themselves or their organization. Most times these unsolicited attempts will be presented over email, but this trend is now spreading to mobile and social media. It is human nature to want to trust in others, especially if the source seems like a legitimate request or offer, but how do overcome this urge to trust?

  • First things first: If the source is not trusted or it seems suspicious, DO NOT CLICK! This practice may seem simple, but people fall victim to this scheme more times than you would expect. So, when in doubt, exit out.
  • If you suspect that the email may be legitimate, but because of your training you are still suspicious, perform some investigative work. Most phones will allow you to preview which site the link will direct you to by holding your finger over the link (without clicking it). Look for small spelling errors that may normally be overlooked. If you have never used this feature before, test it out by emailing a trusted link to yourself and practice using it before attempting it on a potentially malicious email.
  • Research the sender’s email domain against their legitimate site. If there are any one-offs, do not trust it.
  • Legitimate companies will never ask you to provide your username, pin, password, or will they ask you to pay them via a prepaid credit card. If you receive an email asking you to verify these items or any other personal information, do not respond. Contact the institution in question to provide them with the details of the email received. By doing this, you can alert them to this scheme and they can provide their users with a warning against this attempt.

Unsecured Wireless “Hotspots”

Our need to be constantly connected can pose an unintended risk to our mobile safety. Many establishments try to fulfill this need by providing free WiFi access to their patrons. Everywhere from your local coffee shop to Disney World, WiFi access has become a common and necessary service for companies to provide to its customers. However, this service may provide you with more than a free way of staying connected.

  • Never connect to an unsecured WiFi network. An unsecured WiFi network or hotspot is one that a user does not need to provide a password to connect. These networks are a prime target for attackers to snoop or spy on a user’s online activity. Attackers can steal information such as login credentials, credit card data, or personal data which can leave them vulnerable to identity theft or theft of proprietary information.
  • Many mobile providers offer personal hotspots to their users for a small monthly fee. This service can provide a user a secure way of connecting on the go. As long as you have a mobile data connection, you have a secure communication path.
  • However, if you are forced to connect to one of these unsecured networks, invest in a VPN service. Some organizations may have the ability to provide their mobile workforce VPN connectivity, but for those who do not have access to this, it is a highly recommended investment. VPNs (Virtual Private Network) protect its users by encrypting their Internet connection which prevents attackers or anyone, including Internet Service Providers, from seeing the information sent over the network.

Malware

Malware continues to be a threat to organizations regardless of how their users connect. Long gone are the days where security teams had to only be concerned about their internal assets falling victim to these destructive tactics. Now as organization’s environments stretch across the nation and across the world, the need to extend their security programs are even greater.

This combination of business assets on personal devices has added an additional layer of complexity to protecting an organization’s network. To combat this issue, end users should be conditioned to follow a few simple guidelines when using their personal devices for business purposes:

  • Utilize a security application to detect malware. An organization should research acceptable applications their end users can install on their devices to periodically scan for and detect malware.
  • End users should be trained on application security. Educating users on how to determine if an app is legitimate will help to prevent them from inadvertently downloading an application that may contain malware.
  • Some organizations may even opt to have stringent BYOD policies and procedures where certain applications cannot be downloaded of their personal devices if they are being used for business purposes.
  • As simple as it sounds, educates end users on the dangers of clicking on suspicious links. Even links found on popular social media sites might lead to a malware infection. Following the same steps outlined in reducing phishing attacks, will help prevent users from falling victim to a malware attack.

The actions outlined in this article are a few simple steps, which, if consistently followed, will reduce an organization’s risk when it comes to mobile devices in their environment. Although organizations today are taking many preventative measures, all it takes is one successful attack to lead to devastating consequences and a full-blown security incident. Security teams need to be able to detect and respond immediately to any and every security alert which they face, whether from a phishing attack, malware attack or other forms. With the increasing volume of alerts, the most effective and efficient way to do this is through automation and orchestration, to ensure no alert goes undetected or untouched. Contact DFLabs today to arrange a personalized demo of its Security Orchestration, Automation and Response platform, IncMan SOAR.

Get Started with a One-to-One Personalized Demo

Dramatically reduce the mean time to detection, response and remediation of all potential security incidents, ensuring no alert goes untouched.

See IncMan SOAR in Action.

Request Your Live IncMan SOAR Demo.

DFLabs IncMan SOAR is the pioneering Security Orchestration, Automation and Response (SOAR) platform to automate, orchestrate and measure security operations tasks.

IncMan SOAR harnesses machine learning and automation capabilities to augment human analysts to maximize the effectiveness and efficiency of security operations teams, reducing the time from breach discovery to resolution by up to 80%.

What You'll See in a Demo

See for yourself why IncMan SOAR is the preferred solution of Fortune 500, Global 2000 and MSSP clients. DFLabs IncMan SOAR at a glance:

  • Full and semi-automated Incident Response, improving response times by up to 80%
  • Covers the entire spectrum of IR and SecOps
  • Automated Responder Knowledge (ARK) generated by machine learning
  • Highly flexible and customizable, with over 100 templates and automation actions out of the box
  • Correlation engine correlates all relevant IOCs and artefacts between incidents
  • Multi-tenancy and granular role-based access
  • Dual mode playbooks and intelligence sharing
  • Powerful case management with integrated forensics capabilities.

Yes, I want a demo

DFLabs would like to stay in touch to provide you with marketing related content. By ticking the box you consent to receive educational, company and promotional information from DFLabs and accept DFLabs' Privacy Policy.

* Required fields