/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow Us/ciol/media/post_banners/wp-content/uploads/2019/09/2019-Mobile-Threat-Landscape.jpg)
Recently, a cybersecurity provider CrowdStrike released a report covering cybersecurity in the mobile space. As India witnessed a rapid growth of electronic payments and mobile banking in India. According to the Reserve Bank of India’s 2017-18 Annual Report, mobile banking volume grew 92% in volume of transactions and 13% in value of transactions from March 2017 to March 2018 while the number of mobile banking users grew 54% during the same time frame and little change in the number of ATMs deployed. In India, 92.6% of total retail payments volume is electronic, up from 88.9% in the previous year, much higher figures than in the U.S.
This set a ground for attackers to utilize the mobile platform and hack the mobile payments and banking details elevating the risk of financial crime and cyber-attacks. The report talks about the potential risk and its findings.
5 Key findings of the report
0 The targeting of mobile platforms is increasingly being adopted by a range of criminal and targeted intrusion adversaries.
0 Malware targeting mobile banking is likely to remain prolific, supported by an active underground industry of developers operating mobile “malware-as-a-service” subscription models to complement their desktop offerings.
0 Targeted adversary groups continue to develop mobile malware variants, typically as ports of established malware families. Development capability has proliferated to less-skilled groups due to the accessibility of proof-of-concept mobile malware variants.
0 Mobile malware running on the Android operating system is the most prevalent at this time, driven by the ease of installing new applications from third-party sources.
0 The current maturity level of mobile security solutions lags behind that of traditional platforms, leading to longer potential attacker dwell times on compromised mobile devices.
The ubiquitous, global use of mobile devices and the amount of corporate data so many of them hold mean that mobile threats will continue to proliferate. Just as certainly, both nation-state and eCrime groups will continue to innovate and refine their mobile attacks to evade your organization’s security defenses. CrowdStrike recommends that all organizations consider the following measures to help better secure the mobile devices connecting to sensitive corporate data every day:
6 Recommendations for Strengthening Your Mobile Security
1. Download applications from trusted sources such as official app stores: The majority of mobile malware is distributed from third-party sources that do not perform comprehensive checks of the applications they provide.
This provides opportunities for malicious actors to include unwanted code contained within Trojanized applications. Official sources such as the Apple App Store and Google Play Store provide some level of verification on the apps they provide, limiting the risk of exposure to mobile malware.
However, numerous instances of malware have still been distributed via these official channels, even though apps were subjected to checks, and users need to be wary of the applications they download; gaming and mobile banking applications are particularly popular carriers of malicious code.
2. Be on the lookout for phishing messages: Users should be wary of messages being delivered by SMS or email that prompt them to install applications from untrusted sources because this mechanism is often used by attackers to trick their targets into installing mobile malware.
3. Regularly apply security patches to mobile operating systems and installed applications: Flaws in operating system software can be exploited by malicious actors to install mobile malware and escalate operating privileges to obtain greater access to data and capabilities on the device. In response, vendors will identify vulnerabilities and develop patches to secure devices from exploitation. These patches should be installed at the earliest opportunity to reduce the risk of exposure.
4. Establish security around solid MDM processes: Corporate management of mobile devices can provide protection against mobile malware by restricting which applications can be installed and allowing for the automatic deployment of security patches. However, this capability can also provide opportunities to an attacker, who may be able to leverage their own MDM servers to deploy malware.
That’s why organizations should lock down their corporate devices to ensure they are unable to communicate with untrusted MDM servers, and establish user security training to minimize the risk that phishing techniques could be used to trick them into enrolling manually with a rogue server.
Servers running MDM software for the organization should also be heavily monitored using endpoint protection, to ensure they are not compromised from within the network and used to push out malicious updates to mobile devices.
5. Evaluate mobile endpoint detection and response solutions: Solutions such as CrowdStrike Falcon for MobileTM take a visibility-first approach to mobile security, eliminating blind spots that lead to breaches. Security teams can see activity generated by Android and iOS enterprise apps, gaining deeper insight into their behavior and enabling threat hunting and rapid incident investigation. Learn more about Falcon for Mobile.
6. Maintain physical security of physical devices: Enabling strong passwords, or biometric authentication measures such as fingerprint or facial identification, in addition to ensuring that mobile devices are not left unattended, can reduce the risk that a malicious actor may be able to install malware manually during so-called “evil maid” attacks.