SlideShare a Scribd company logo

Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds

Happiest Minds Technologies
Happiest Minds Technologies

This document discusses key threats and attacks on application and mobile security, including advanced persistent threats (APTs), web application threats, and mobile threats. APTs are sophisticated, targeted attacks that establish ongoing access to target systems. Web applications are vulnerable to attacks like SQL injection and cross-site scripting. Mobile threats include malware, privacy threats from data-gathering apps, and network exploits that target mobile operating systems and wireless protocols. The document proposes a threat intelligence and monitoring framework to detect and mitigate these evolving cybersecurity risks across networks, applications, and devices.

Technology
1 of 12
Download to read offline
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved BATTLING IT OUT: APPLICATION AND MOBILE SECURITY Key Threats and Attacks through APTs on Application and Mobile Environment By Manoj Rai and Abdul Rehaman Happiest Minds, Security Services Practice
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Introduction Symantec source code hacked, LinkedIn password breached, Yahoo password breached - every week news of such major breaches capture the headlines. Dozens of less newsworthy acts of data theft occur on a regular basis and today, we are quite used to seeing new ways in which data security can be breached. However, the consequences still remain significant such as damage to reputation, steep fines and costs associated with fraud and other compensatory expenses. Today's corporate world is part of the battleground fighting against potential threats and attacks. Though the threat landscape is evolving rapidly, security has usually always caught up to gain the upper hand. This paper throws light on sophisticated types of attacks that exist today and measures that exist to counter them. As per a report in InformationWeek, top threats can be classified as: (Fig 1 Reference: InformationWeek) Based on these key facts, multiple threat groups, depending on their threat levels and exploitable strengths, could be grouped as follows: a) Advanced Persistent Threats (APTs) b) Web Application (Web 2.0) Threats c) Mobile Threats (application, web based and network)
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Advanced Persistent Threats (APT) APT is a buzz word in the corporate world but the hype has made it difficult to discern exactly what it is and extent to which it can be a threat to organizations. APT stands for Advanced Persistent Threat and it can be described as follows - Advanced – Perpetrators of the threat utilize the full spectrum of computer intrusion technologies and techniques. It uses a combination of various methods of attack and tools in order to reach its target. Persistent –Attacks with a defined objective that is followed through with constant monitoring and interaction. In this, attackers prioritize a specific task, rather than seek immediate financial gain. Threat –These attacks are planned and synchronized. These attacks adopt a low-key approach in order to avoid being detected and usually steer clear of technical sophistication which can leave behind clues. In most cases, attackers only need to get the employee of a company to open a piece of malware which is based on zero-day vulnerability. This grants them access to not only to the employee's PC, but also through it, potentially to the entire corporate network. These attacks increased concerns regarding the type of information sought by the APT. For example, a spear phishing e-mail, that is sent from a fraud email account of an executive within an organization to seek unauthorized access to company data. Another example is that of an attacker who gained access to networked critical assets and network topology by gaining access to the passwords of administrator accounts. A third example unrelated to corporates but involved siphoning data from emails and attachments related to terrorism. APT Lifecycle Process: Fig 2: APT Lifecycle Process The Impact: APTs establish and maintain a session in its target environment and these sessions remains active throughout. This is helpful because when additional data is sought from the target environment, the
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved APTs reach for its existing assets in order to locate and steal data. They do not need to re-establish presence. Web Application Threats: Web applications are the means of communication in today’s internet world, where information sharing is no longer a one-way exchange. . Examples include web-based communities, web applications, social- networking sites, video-sharing sites, wikis, and blogs.While all this interactivity is exciting and motivating, there is an enterprise threat behind every web application: losses in productivity, potential data leaks, and increased inherent security risks. A few top web vulnerabilities are listed below:  SQL Injection  Cross Site Scripting (XSS)  Cross Site Request Forgery (CSRF)  Improper Session Management  Improper Error Handling and Authentication Vulnerabilities  DDoS attacks The Impact: Web applications can come under threat in many ways from attackers, including SQL injections, DDoS, etc. and newer methods are constantly on the rise. For organizations, a breach in web application data security can cost them dearly leading to financial, effort and reputation related losses. The recent brutal attacks on Twitter, LinkedIn and Microsoft India websites have shaken the enterprise world. The Verizon data breach report-2012 shows the most common web breaching methods. (Fig 3 Image ref-Verizon data breach report-2012)
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Mobile Threats (Application, Web based and Network): Mobile phones have become ubiquitous in today’s lifestyle and the exponential growth in the use of mobile devices has also lead to a corresponding growth in security risks. Threat assessment: Mobile phones, tablets etc. function on operating systems and those with wireless connectivity are targets for a cyber-attack. Mobile Application-Based Threats Recent leading surveys have revealed that top online mobile phone activities include social networking (60%), reading the news (44%) and online messaging (42%). Closely behind these activities are mobile banking and payments (34%), location-based tasks, including navigation (25%); and online shopping (24%). Regardless of mobile platforms (Android, IOS or Windows), downloading applications on mobile instruments throw up a host of security issues, including software specifically designed to be malicious as well as software that can be used for malicious purposes. Malware is software that is specifically designed to engage in malicious behavior on a device. Malware can perform actions without a user’s knowledge, like charging the user’s phone bill, loss of files, sending unsolicited links to the user’s email contact list etc. Spyware, on the other hand, is designed specifically to collect or use data without a user’s knowledge or approval. Spyware can capture data such as phone call history, text messages, authentication credentials, internet usage habits, and other personal information. Privacy Threats can gather information that is more sensitive or critical than data obtained by Spyware like location, contact lists, personal information etc. and is caused by applications that are not necessarily malicious. Vulnerabilities of software applications are often exploited to enable an attacker engage in such undesirable behavior as gaining access to sensitive information, perform questionable actions, prevent or inhibit a service from functioning correctly and automatically download more apps without it being requested.
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved (Fig 4 Image ref- F-Secure report-2012) Mobile Web-based Threats Mobile devices these days are continuously connected to the internet and are therefore susceptible to browser-based attacks and phishing. Phishing - Often email, text messages, Facebook, and Twitter are used to send links to phishing sites. Drive-By Downloads- This involves the automatic download of an application when a user visits a web page Browser exploits - An unsuspecting user can trigger a browser exploit (Flash player, PDF reader, or image viewer) just by visiting a web page that can install malware or perform other actions on a device. Mobile Network Threats Mobile devices typically support cellular networks as well as local wireless networks. There are a number of threats that can affect these networks: Network exploits target software flaws in the mobile operating system as well as other software networks like for Bluetooth, Wi-Fi, SMS, MMS etc. Network exploits typically do not require user intervention, making them particularly vulnerable to automatically propagate malware. Wi-Fi Sniffing targets Wi-Fi network flaws by compromising data being sent across a local wireless network. Many applications and web pages do not use proper security measures, sending unencrypted data that may be easily intercepted.
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Roadmap to mitigate risks – An approach towards integrated threat intelligence: It is clear that the threat landscape is evolving at a rapid pace. It encompasses a complex grid of multiple symptoms and the ability to spot anomalous or erroneous actions over a period of time. Threats often targets specific objectives. There is a clear need to stay updated on threat-related information so as to face the challenges. There is therefore a pressing need for an enterprise security solution that helps in resolving security challenges as well as mapping out a clear picture of the potential risks, and evolving regulations for organisations to assess their options. With timely access to information on developing threats and vulnerabilities, organizations can start to counter the threat by detection, protection and mitigation responses more rapidly. The following steps could help towards building a secure intelligence framework: Step 1: Build threat intelligence on an on-going basis Step 2: Perform malware analysis, application and network forensics Step 3: Respond to an APT/malware incident Step 1: Build threat intelligence on an on-going basis Fig 5: Threat Intelligence
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved The image in Fig 5 depicts the process of building threat intelligence in steps: • Identify business critical assets and vulnerabilities • Verify and prioritize those vulnerabilities based on exploitability and overall risk rating • Identify gaps in security controls • Test and prioritize mitigation tasks • Establish effective controls Step 2: Perform malware analysis, application and network forensics The common recommended solution approaches can be categorized into 3 different tracks. Firstly, perform malware analysis, followed by application security assurance and network analysis through forensics. Malware Analysis includes: • Behavioral analysis : understanding the environment in which the malware specimen's operates • Code analysis: getting into the nuts and bolts of the code that of the malicious program to understand the source of the code • Memory analysis: going through the past history of the infected system Application Security Assurance includes: • Secure SDLC: integrate security in each phase of the application life cycle. • Network and application Vulnerability Assessment/Penetration Test: perform port scanning, vulnerability assessments and application PT • Application code review: review the application code following the secure coding checklists and best practices Network Forensics: • Storage analysis: examine storage media for evidence • Source code analysis: check software source code for malicious signatures. • Network analysis: scrutinize network traffic and logs to identify and locate the suspicious system Integration of all the above tracks and exporting the data to the monitoring system would help towards building a secure environment.
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Step 3: Respond to an APT/malware incident -on-going monitoring and remediation In the event of an APT/malware incident, some of the processes enumerated below could enable in depth analysis of packet behaviour and establish controls, both technological and procedural, to prevent recurrence. Some of the common scenarios that are designed to thwart application attacks and emerging malware are:  Outbound traffic monitoring – At a primary level, specifically monitor outbound access whenever a suspicious packet is sent across the network. Organizations depend on proxy based features that monitor all outbound access.  Layer 7 : Web Application Firewalls – The Layer 7 application firewall looks at protecting against some of the web based application attacks like persistent XSS, SQL Injection and request forgery attacks to name a few. These devices proactively track the pattern of the attacks and continuously update the database engine to prevent further attacks. They also have the ability to understand the behavior of users who interact with the applications and can track and prevent them from the norm.  Using Security Incident and Event Management (SIEM) tool to continuously analyze logs and perform event correlation: Various logs collected from different scan sources would be fed into the monitoring system in order to study the pattern and behavior of malicious packets. The SIEM tool would provide event data aggregation and event correlation. This way, all the activity, irrespective of inbound, outbound or internal data, are analysed at a single location. The methodology using the SIEM tool helps to greatly expand the scope of threat analysis and provides the ability to work around various weaknesses in the traditional intrusion detection environment. Fig 6: SIEM process This becomes a very effective tool and offers an in depth defense strategy to the corporate world when some of the IDSs and IPSs fail to capture malicious packets.
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved A Proposed Solution Framework: Evolving threats add to a different set of challenges that may require continuous vigil over new threats or discovery of a new vulnerability or disclosure of a new exploit or a new malware threat. With these challenges, there is a need to develop a solution framework that could address the organization’s resources in such a way that the relevance of new vulnerabilities, exploits or malware is tested and the organization responds instantly to them. The solution framework depicted in Fig 7 takes a holistic view of threats from network, application (enterprise and mobile), databases and various APT’s. Fig 7: Next gen Threat Solution Framework APT Detection and Remediation Advanced Network Forensics and Analysis Threat Intelligence Detection and Analysis • Detect behavior based threats • Perform deep packet inspection and out bound packet analyses • Conduct complete investigation of the incidents identified • Detect phishing emails and data access attempts • Conduct anomalous traffic analysis • Look out for suspicious connections • Perform regular vulnerability assessments and audits • Conduct session analysis of anomalous packets • Collect network traces • Protect and preserve incident logs • Investigate the incident MonitorandManage IntegrationwithSIEM/SOCservices Deploy,Integrate,Customize,Virtualize
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Added Benefits: The solutions approach detailed above allows organizations to protect their data by evaluation the security levels of the network, web application, database and end point system when faced with complex threats. A majority of the solutions discussed above are available as a hosted service on-premise or over the cloud. This standard structure is fortified by delivery models that will allow a user to choose a security solution that best suits their organization’s needs while also reducing the total cost of ownership. The overall benefits include:  Next-generation threat management solutions that is simple to use, including centralized reporting and controls  Detailed analysis on the latest APTs, malwares and exploits  Increase in overall security across remote and local IT assets. Reduction of cost of ownership with security-as-a-service from the cloud Conclusion: With the rapid pace at which attackers develop newer means to access unauthorized data, organizations are in urgent need to find a solution that responds to stringent security requirements. Enterprises require an intelligent and integrated enterprise security solution that allows real-time visibility, proactive vulnerability management and penetration testing across enterprise and mobile applications. A combination of host and network based protection that focuses on the application layer is to be considered as only layer 3 protection is no longer sufficient. An approach where customizable services are based on multiple solution stacks and based on an amalgamation of knowledge, best practices, compliance regulations and the latest technologies to deliver optimum results is s truly the need of the hour.
© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved About the Author Manoj Kumar Rai (manoj.rai@happiestminds.com) is the Technical Director and Practice Head of IMSS Application and Mobile Security at Happiest Minds. With over 12 years of experience in Application and Mobile Security specializing in Mobile Enterprises (E- commerce) and Mobile Payments, he is a frequent speaker on various technical subjects like Ethical Hacking and Secure SDLC. He is currently working on next-generation integrated threat management systems connecting enterprise cloud and mobility platforms. Abdul Rehaman (abdul.rehaman@happiestminds.com) is a Technical Consultant in the Happiest Minds IMSS Practice. He has more than seven years of industry experience in Application and Information Security. He has worked with several customers across various domains of information security. To learn more about the Happiest Minds Threat Security Offerings, please write to us at business@happiestminds.com About Happiest Minds Happiest Minds is a next-generation IT services company helping clients differentiate and win with a unique blend of innovative solutions and services based on the core technology pillars of cloud computing, social computing, mobility and analytics. We combine an unparalleled experience, comprehensive capabilities in the following industries: Retail, Media, CPG, Manufacturing, Banking and Financial services, Travel and Hospitality and Hi-Tech with pragmatic, forward-thinking advisory capabilities for the world’s top businesses, governments and organizations. Founded in 2011, Happiest Minds is privately held with headquarters in Bangalore, India and offices in the USA and UK. Corporate Office Happiest Minds Technologies Pvt. Ltd. Block II, Velankani Tech Park 43 Electronics City Hosur Road, Bangalore 560100, INDIA Phone: +91 80 332 03333 Fax: +91 80 332 03000 United States 116 Village Boulevard, Suite 200 Princeton, New Jersey, 08540 Phone:+1 609 951 2296 2018 156th Avenue NE #224 Bellevue, WA 98007 United Kingdom 200 Brook Drive, Green Park, Reading Berkshire, RG2 6UB Phone: +44 11892 56072 Fax: + 44 11892 56073

Recommended

Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
AliyuMuhammadButu
 
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
CSCJournals
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Christopher Daza
 
Information security
Information securityInformation security
Information security
Appin Faridabad
 
Eileen Presentation
Eileen PresentationEileen Presentation
Eileen Presentation
jc06442n
 
Presentación AMIB Los Cabos
Presentación AMIB Los CabosPresentación AMIB Los Cabos
Presentación AMIB Los Cabos
Juan Carlos Carrillo
 
The Cost Of Preventing Breaches Educause Nat Conf Denver Nov 09
The Cost Of Preventing Breaches Educause Nat Conf Denver Nov 09The Cost Of Preventing Breaches Educause Nat Conf Denver Nov 09
The Cost Of Preventing Breaches Educause Nat Conf Denver Nov 09
Tammy Clark
 
Best Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingBest Practices for Security Awareness and Training
Best Practices for Security Awareness and Training
Kimberly Hood
 

Recommended

Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
AliyuMuhammadButu
 
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
CSCJournals
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Christopher Daza
 
Information security
Information securityInformation security
Information security
Appin Faridabad
 
Eileen Presentation
Eileen PresentationEileen Presentation
Eileen Presentation
jc06442n
 
Presentación AMIB Los Cabos
Presentación AMIB Los CabosPresentación AMIB Los Cabos
Presentación AMIB Los Cabos
Juan Carlos Carrillo
 
The Cost Of Preventing Breaches Educause Nat Conf Denver Nov 09
The Cost Of Preventing Breaches Educause Nat Conf Denver Nov 09The Cost Of Preventing Breaches Educause Nat Conf Denver Nov 09
The Cost Of Preventing Breaches Educause Nat Conf Denver Nov 09
Tammy Clark
 
Best Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingBest Practices for Security Awareness and Training
Best Practices for Security Awareness and Training
Kimberly Hood
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
banerjeea
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
Ahmad Sharifi
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
IOSR Journals
 
The need for effective information security awareness practices.
The need for effective information security awareness practices.The need for effective information security awareness practices.
The need for effective information security awareness practices.
CAS
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec Technology and Consulting
 
IT & Network Security Awareness
IT & Network Security AwarenessIT & Network Security Awareness
IT & Network Security Awareness
The Network Support Company
 
Network monitoring white paper
Network monitoring white paperNetwork monitoring white paper
Network monitoring white paper
Imaging Network Technology, LLC
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
Cristian Mihai
 
Tt 06-ck
Tt 06-ckTt 06-ck
Tt 06-ck
Narinrit Prem-apiwathanokul
 
Security Firm Program - Corporate College
Security Firm Program - Corporate CollegeSecurity Firm Program - Corporate College
Security Firm Program - Corporate College
WorkSmart Integrated Marketing
 
C3
C3C3
C3
Praveen Malisetty
 
Contending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security ModelContending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security Model
IRJET Journal
 
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSCYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
IAEME Publication
 
Cyber security awareness booklet for citizens from mahashtra cyber 10 jan2020
Cyber security awareness booklet for citizens from mahashtra cyber 10 jan2020Cyber security awareness booklet for citizens from mahashtra cyber 10 jan2020
Cyber security awareness booklet for citizens from mahashtra cyber 10 jan2020
Rahul Boga
 
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET Journal
 
Best practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_trainingBest practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_training
wardell henley
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and System
Param Nanavati
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wandera
Anjoum .
 
ISSC422_Project_Paper_John_Intindolo
ISSC422_Project_Paper_John_IntindoloISSC422_Project_Paper_John_Intindolo
ISSC422_Project_Paper_John_Intindolo
John Intindolo
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
Mark Lanterman
 
IQA_Project
IQA_ProjectIQA_Project
IQA_Project
Ferdie Cruz
 
WAbrasives Steel-Shot-Grit-SAE-specifications
WAbrasives Steel-Shot-Grit-SAE-specificationsWAbrasives Steel-Shot-Grit-SAE-specifications
WAbrasives Steel-Shot-Grit-SAE-specifications
Joe Craig
 

More Related Content

What's hot

Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
banerjeea
 
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSCYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
IAEME Publication
 
ISSC422_Project_Paper_John_Intindolo
ISSC422_Project_Paper_John_IntindoloISSC422_Project_Paper_John_Intindolo
ISSC422_Project_Paper_John_Intindolo
John Intindolo
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
Mark Lanterman
 

What's hot (20)

Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
 
The need for effective information security awareness practices.
The need for effective information security awareness practices.The need for effective information security awareness practices.
The need for effective information security awareness practices.
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
 
IT & Network Security Awareness
IT & Network Security AwarenessIT & Network Security Awareness
IT & Network Security Awareness
 
Network monitoring white paper
Network monitoring white paperNetwork monitoring white paper
Network monitoring white paper
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
 
Tt 06-ck
Tt 06-ckTt 06-ck
Tt 06-ck
 
Security Firm Program - Corporate College
Security Firm Program - Corporate CollegeSecurity Firm Program - Corporate College
Security Firm Program - Corporate College
 
C3
C3C3
C3
 
Contending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security ModelContending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security Model
 
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSCYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
 
Cyber security awareness booklet for citizens from mahashtra cyber 10 jan2020
Cyber security awareness booklet for citizens from mahashtra cyber 10 jan2020Cyber security awareness booklet for citizens from mahashtra cyber 10 jan2020
Cyber security awareness booklet for citizens from mahashtra cyber 10 jan2020
 
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
 
Best practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_trainingBest practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_training
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and System
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wandera
 
ISSC422_Project_Paper_John_Intindolo
ISSC422_Project_Paper_John_IntindoloISSC422_Project_Paper_John_Intindolo
ISSC422_Project_Paper_John_Intindolo
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
 

Viewers also liked

WAbrasives Steel-Shot-Grit-SAE-specifications
WAbrasives Steel-Shot-Grit-SAE-specificationsWAbrasives Steel-Shot-Grit-SAE-specifications
WAbrasives Steel-Shot-Grit-SAE-specifications
Joe Craig
 
Jin's FREEDM poster
Jin's FREEDM posterJin's FREEDM poster
Jin's FREEDM poster
Jinyanzi Luo
 
Blastman General References
Blastman General ReferencesBlastman General References
Blastman General References
Joe Craig
 
Evolutionary Technique for Combinatorial Reverse Auctions
Evolutionary Technique for Combinatorial Reverse AuctionsEvolutionary Technique for Combinatorial Reverse Auctions
Evolutionary Technique for Combinatorial Reverse Auctions
Shubhashis Shil
 
Maple Leaf Cement Company Ltd 2
Maple Leaf Cement Company Ltd 2Maple Leaf Cement Company Ltd 2
Maple Leaf Cement Company Ltd 2
Talha Choudhary
 

Viewers also liked (15)

IQA_Project
IQA_ProjectIQA_Project
IQA_Project
 
WAbrasives Steel-Shot-Grit-SAE-specifications
WAbrasives Steel-Shot-Grit-SAE-specificationsWAbrasives Steel-Shot-Grit-SAE-specifications
WAbrasives Steel-Shot-Grit-SAE-specifications
 
WSU abstract_Jin
WSU abstract_JinWSU abstract_Jin
WSU abstract_Jin
 
Jin's FREEDM poster
Jin's FREEDM posterJin's FREEDM poster
Jin's FREEDM poster
 
Proyecto de vida
Proyecto de vidaProyecto de vida
Proyecto de vida
 
NIE mGeo Instructions
NIE mGeo InstructionsNIE mGeo Instructions
NIE mGeo Instructions
 
Hiring and Firing Co-founders
Hiring and Firing Co-foundersHiring and Firing Co-founders
Hiring and Firing Co-founders
 
Blastman General References
Blastman General ReferencesBlastman General References
Blastman General References
 
Evolutionary Technique for Combinatorial Reverse Auctions
Evolutionary Technique for Combinatorial Reverse AuctionsEvolutionary Technique for Combinatorial Reverse Auctions
Evolutionary Technique for Combinatorial Reverse Auctions
 
Focus 2013 4 trastornos de la personalidad (i)
Focus 2013 4 trastornos de la personalidad (i)Focus 2013 4 trastornos de la personalidad (i)
Focus 2013 4 trastornos de la personalidad (i)
 
Kirthivasan PEGA-LSA
Kirthivasan PEGA-LSAKirthivasan PEGA-LSA
Kirthivasan PEGA-LSA
 
Biomaagnetismo: Hongos par biomagnético
Biomaagnetismo: Hongos par biomagnéticoBiomaagnetismo: Hongos par biomagnético
Biomaagnetismo: Hongos par biomagnético
 
Maple Leaf Cement Company Ltd 2
Maple Leaf Cement Company Ltd 2Maple Leaf Cement Company Ltd 2
Maple Leaf Cement Company Ltd 2
 
Yrecommender, machine learning sur Hybris
Yrecommender, machine learning sur HybrisYrecommender, machine learning sur Hybris
Yrecommender, machine learning sur Hybris
 
RESUME AP
RESUME APRESUME AP
RESUME AP
 

Similar to Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds

Risk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docxRisk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
joellemurphey
 
Cyber Malware Programs And The Internet
Cyber Malware Programs And The InternetCyber Malware Programs And The Internet
Cyber Malware Programs And The Internet
Heidi Maestas
 
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docxThe uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
arnoldmeredith47041
 
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docxRisk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
malbert5
 
Top 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent ThemTop 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent Them
Chinmayee Behera
 

Similar to Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds (20)

Assess risks to IT security.pptx
Assess risks to IT security.pptxAssess risks to IT security.pptx
Assess risks to IT security.pptx
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docxRisk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
 
Cyber Malware Programs And The Internet
Cyber Malware Programs And The InternetCyber Malware Programs And The Internet
Cyber Malware Programs And The Internet
 
Cyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessCyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful Business
 
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docxThe uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
 
Top 8 Types Of Cybersecurity Attacks.pptx
Top 8 Types Of Cybersecurity Attacks.pptxTop 8 Types Of Cybersecurity Attacks.pptx
Top 8 Types Of Cybersecurity Attacks.pptx
 
Cybersecurity - Poland.pdf
Cybersecurity - Poland.pdfCybersecurity - Poland.pdf
Cybersecurity - Poland.pdf
 
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docxRisk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBs
 
Top 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent ThemTop 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent Them
 
Cyber.pptx
Cyber.pptxCyber.pptx
Cyber.pptx
 
Research Paper
Research PaperResearch Paper
Research Paper
 
Cyber security
Cyber securityCyber security
Cyber security
 
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxChap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
 
Malware in penetration testing 1
Malware in penetration testing 1Malware in penetration testing 1
Malware in penetration testing 1
 
C018131821
C018131821C018131821
C018131821
 
Introduction to cyber security i
Introduction to cyber security iIntroduction to cyber security i
Introduction to cyber security i
 
Cyber security threats and its solutions
Cyber security threats and its solutionsCyber security threats and its solutions
Cyber security threats and its solutions
 
Cyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptxCyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptx
 

More from Happiest Minds Technologies

ARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKINGARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
Happiest Minds Technologies
 

More from Happiest Minds Technologies (20)

Largest Electricity provider in the US- Case Study
Largest Electricity provider in the US- Case StudyLargest Electricity provider in the US- Case Study
Largest Electricity provider in the US- Case Study
 
BFSI GLOBAL TRENDS FY 24
BFSI GLOBAL TRENDS FY 24BFSI GLOBAL TRENDS FY 24
BFSI GLOBAL TRENDS FY 24
 
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKINGARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
 
DIGITAL MANUFACTURING
DIGITAL MANUFACTURINGDIGITAL MANUFACTURING
DIGITAL MANUFACTURING
 
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & InsuranceExploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
 
AN OVERVIEW OF THE METAVERSE
AN OVERVIEW OF THE METAVERSEAN OVERVIEW OF THE METAVERSE
AN OVERVIEW OF THE METAVERSE
 
VMware to AWS Cloud Migration
VMware to AWS Cloud MigrationVMware to AWS Cloud Migration
VMware to AWS Cloud Migration
 
Digital-Content-Monetization-DCM-Platform-2.pdf
Digital-Content-Monetization-DCM-Platform-2.pdfDigital-Content-Monetization-DCM-Platform-2.pdf
Digital-Content-Monetization-DCM-Platform-2.pdf
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
 
Cloud Reshaping Banking
Cloud Reshaping BankingCloud Reshaping Banking
Cloud Reshaping Banking
 
Automating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UKAutomating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UK
 
PAMaaS- Powered by CyberArk
PAMaaS- Powered by CyberArkPAMaaS- Powered by CyberArk
PAMaaS- Powered by CyberArk
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 
Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)
 
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
 
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
 
How to Approach Tool Integrations
How to Approach Tool IntegrationsHow to Approach Tool Integrations
How to Approach Tool Integrations
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Recently uploaded (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds

  • 1. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved BATTLING IT OUT: APPLICATION AND MOBILE SECURITY Key Threats and Attacks through APTs on Application and Mobile Environment By Manoj Rai and Abdul Rehaman Happiest Minds, Security Services Practice
  • 2. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Introduction Symantec source code hacked, LinkedIn password breached, Yahoo password breached - every week news of such major breaches capture the headlines. Dozens of less newsworthy acts of data theft occur on a regular basis and today, we are quite used to seeing new ways in which data security can be breached. However, the consequences still remain significant such as damage to reputation, steep fines and costs associated with fraud and other compensatory expenses. Today's corporate world is part of the battleground fighting against potential threats and attacks. Though the threat landscape is evolving rapidly, security has usually always caught up to gain the upper hand. This paper throws light on sophisticated types of attacks that exist today and measures that exist to counter them. As per a report in InformationWeek, top threats can be classified as: (Fig 1 Reference: InformationWeek) Based on these key facts, multiple threat groups, depending on their threat levels and exploitable strengths, could be grouped as follows: a) Advanced Persistent Threats (APTs) b) Web Application (Web 2.0) Threats c) Mobile Threats (application, web based and network)
  • 3. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Advanced Persistent Threats (APT) APT is a buzz word in the corporate world but the hype has made it difficult to discern exactly what it is and extent to which it can be a threat to organizations. APT stands for Advanced Persistent Threat and it can be described as follows - Advanced – Perpetrators of the threat utilize the full spectrum of computer intrusion technologies and techniques. It uses a combination of various methods of attack and tools in order to reach its target. Persistent –Attacks with a defined objective that is followed through with constant monitoring and interaction. In this, attackers prioritize a specific task, rather than seek immediate financial gain. Threat –These attacks are planned and synchronized. These attacks adopt a low-key approach in order to avoid being detected and usually steer clear of technical sophistication which can leave behind clues. In most cases, attackers only need to get the employee of a company to open a piece of malware which is based on zero-day vulnerability. This grants them access to not only to the employee's PC, but also through it, potentially to the entire corporate network. These attacks increased concerns regarding the type of information sought by the APT. For example, a spear phishing e-mail, that is sent from a fraud email account of an executive within an organization to seek unauthorized access to company data. Another example is that of an attacker who gained access to networked critical assets and network topology by gaining access to the passwords of administrator accounts. A third example unrelated to corporates but involved siphoning data from emails and attachments related to terrorism. APT Lifecycle Process: Fig 2: APT Lifecycle Process The Impact: APTs establish and maintain a session in its target environment and these sessions remains active throughout. This is helpful because when additional data is sought from the target environment, the
  • 4. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved APTs reach for its existing assets in order to locate and steal data. They do not need to re-establish presence. Web Application Threats: Web applications are the means of communication in today’s internet world, where information sharing is no longer a one-way exchange. . Examples include web-based communities, web applications, social- networking sites, video-sharing sites, wikis, and blogs.While all this interactivity is exciting and motivating, there is an enterprise threat behind every web application: losses in productivity, potential data leaks, and increased inherent security risks. A few top web vulnerabilities are listed below:  SQL Injection  Cross Site Scripting (XSS)  Cross Site Request Forgery (CSRF)  Improper Session Management  Improper Error Handling and Authentication Vulnerabilities  DDoS attacks The Impact: Web applications can come under threat in many ways from attackers, including SQL injections, DDoS, etc. and newer methods are constantly on the rise. For organizations, a breach in web application data security can cost them dearly leading to financial, effort and reputation related losses. The recent brutal attacks on Twitter, LinkedIn and Microsoft India websites have shaken the enterprise world. The Verizon data breach report-2012 shows the most common web breaching methods. (Fig 3 Image ref-Verizon data breach report-2012)
  • 5. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Mobile Threats (Application, Web based and Network): Mobile phones have become ubiquitous in today’s lifestyle and the exponential growth in the use of mobile devices has also lead to a corresponding growth in security risks. Threat assessment: Mobile phones, tablets etc. function on operating systems and those with wireless connectivity are targets for a cyber-attack. Mobile Application-Based Threats Recent leading surveys have revealed that top online mobile phone activities include social networking (60%), reading the news (44%) and online messaging (42%). Closely behind these activities are mobile banking and payments (34%), location-based tasks, including navigation (25%); and online shopping (24%). Regardless of mobile platforms (Android, IOS or Windows), downloading applications on mobile instruments throw up a host of security issues, including software specifically designed to be malicious as well as software that can be used for malicious purposes. Malware is software that is specifically designed to engage in malicious behavior on a device. Malware can perform actions without a user’s knowledge, like charging the user’s phone bill, loss of files, sending unsolicited links to the user’s email contact list etc. Spyware, on the other hand, is designed specifically to collect or use data without a user’s knowledge or approval. Spyware can capture data such as phone call history, text messages, authentication credentials, internet usage habits, and other personal information. Privacy Threats can gather information that is more sensitive or critical than data obtained by Spyware like location, contact lists, personal information etc. and is caused by applications that are not necessarily malicious. Vulnerabilities of software applications are often exploited to enable an attacker engage in such undesirable behavior as gaining access to sensitive information, perform questionable actions, prevent or inhibit a service from functioning correctly and automatically download more apps without it being requested.
  • 6. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved (Fig 4 Image ref- F-Secure report-2012) Mobile Web-based Threats Mobile devices these days are continuously connected to the internet and are therefore susceptible to browser-based attacks and phishing. Phishing - Often email, text messages, Facebook, and Twitter are used to send links to phishing sites. Drive-By Downloads- This involves the automatic download of an application when a user visits a web page Browser exploits - An unsuspecting user can trigger a browser exploit (Flash player, PDF reader, or image viewer) just by visiting a web page that can install malware or perform other actions on a device. Mobile Network Threats Mobile devices typically support cellular networks as well as local wireless networks. There are a number of threats that can affect these networks: Network exploits target software flaws in the mobile operating system as well as other software networks like for Bluetooth, Wi-Fi, SMS, MMS etc. Network exploits typically do not require user intervention, making them particularly vulnerable to automatically propagate malware. Wi-Fi Sniffing targets Wi-Fi network flaws by compromising data being sent across a local wireless network. Many applications and web pages do not use proper security measures, sending unencrypted data that may be easily intercepted.
  • 7. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Roadmap to mitigate risks – An approach towards integrated threat intelligence: It is clear that the threat landscape is evolving at a rapid pace. It encompasses a complex grid of multiple symptoms and the ability to spot anomalous or erroneous actions over a period of time. Threats often targets specific objectives. There is a clear need to stay updated on threat-related information so as to face the challenges. There is therefore a pressing need for an enterprise security solution that helps in resolving security challenges as well as mapping out a clear picture of the potential risks, and evolving regulations for organisations to assess their options. With timely access to information on developing threats and vulnerabilities, organizations can start to counter the threat by detection, protection and mitigation responses more rapidly. The following steps could help towards building a secure intelligence framework: Step 1: Build threat intelligence on an on-going basis Step 2: Perform malware analysis, application and network forensics Step 3: Respond to an APT/malware incident Step 1: Build threat intelligence on an on-going basis Fig 5: Threat Intelligence
  • 8. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved The image in Fig 5 depicts the process of building threat intelligence in steps: • Identify business critical assets and vulnerabilities • Verify and prioritize those vulnerabilities based on exploitability and overall risk rating • Identify gaps in security controls • Test and prioritize mitigation tasks • Establish effective controls Step 2: Perform malware analysis, application and network forensics The common recommended solution approaches can be categorized into 3 different tracks. Firstly, perform malware analysis, followed by application security assurance and network analysis through forensics. Malware Analysis includes: • Behavioral analysis : understanding the environment in which the malware specimen's operates • Code analysis: getting into the nuts and bolts of the code that of the malicious program to understand the source of the code • Memory analysis: going through the past history of the infected system Application Security Assurance includes: • Secure SDLC: integrate security in each phase of the application life cycle. • Network and application Vulnerability Assessment/Penetration Test: perform port scanning, vulnerability assessments and application PT • Application code review: review the application code following the secure coding checklists and best practices Network Forensics: • Storage analysis: examine storage media for evidence • Source code analysis: check software source code for malicious signatures. • Network analysis: scrutinize network traffic and logs to identify and locate the suspicious system Integration of all the above tracks and exporting the data to the monitoring system would help towards building a secure environment.
  • 9. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Step 3: Respond to an APT/malware incident -on-going monitoring and remediation In the event of an APT/malware incident, some of the processes enumerated below could enable in depth analysis of packet behaviour and establish controls, both technological and procedural, to prevent recurrence. Some of the common scenarios that are designed to thwart application attacks and emerging malware are:  Outbound traffic monitoring – At a primary level, specifically monitor outbound access whenever a suspicious packet is sent across the network. Organizations depend on proxy based features that monitor all outbound access.  Layer 7 : Web Application Firewalls – The Layer 7 application firewall looks at protecting against some of the web based application attacks like persistent XSS, SQL Injection and request forgery attacks to name a few. These devices proactively track the pattern of the attacks and continuously update the database engine to prevent further attacks. They also have the ability to understand the behavior of users who interact with the applications and can track and prevent them from the norm.  Using Security Incident and Event Management (SIEM) tool to continuously analyze logs and perform event correlation: Various logs collected from different scan sources would be fed into the monitoring system in order to study the pattern and behavior of malicious packets. The SIEM tool would provide event data aggregation and event correlation. This way, all the activity, irrespective of inbound, outbound or internal data, are analysed at a single location. The methodology using the SIEM tool helps to greatly expand the scope of threat analysis and provides the ability to work around various weaknesses in the traditional intrusion detection environment. Fig 6: SIEM process This becomes a very effective tool and offers an in depth defense strategy to the corporate world when some of the IDSs and IPSs fail to capture malicious packets.
  • 10. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved A Proposed Solution Framework: Evolving threats add to a different set of challenges that may require continuous vigil over new threats or discovery of a new vulnerability or disclosure of a new exploit or a new malware threat. With these challenges, there is a need to develop a solution framework that could address the organization’s resources in such a way that the relevance of new vulnerabilities, exploits or malware is tested and the organization responds instantly to them. The solution framework depicted in Fig 7 takes a holistic view of threats from network, application (enterprise and mobile), databases and various APT’s. Fig 7: Next gen Threat Solution Framework APT Detection and Remediation Advanced Network Forensics and Analysis Threat Intelligence Detection and Analysis • Detect behavior based threats • Perform deep packet inspection and out bound packet analyses • Conduct complete investigation of the incidents identified • Detect phishing emails and data access attempts • Conduct anomalous traffic analysis • Look out for suspicious connections • Perform regular vulnerability assessments and audits • Conduct session analysis of anomalous packets • Collect network traces • Protect and preserve incident logs • Investigate the incident MonitorandManage IntegrationwithSIEM/SOCservices Deploy,Integrate,Customize,Virtualize
  • 11. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Added Benefits: The solutions approach detailed above allows organizations to protect their data by evaluation the security levels of the network, web application, database and end point system when faced with complex threats. A majority of the solutions discussed above are available as a hosted service on-premise or over the cloud. This standard structure is fortified by delivery models that will allow a user to choose a security solution that best suits their organization’s needs while also reducing the total cost of ownership. The overall benefits include:  Next-generation threat management solutions that is simple to use, including centralized reporting and controls  Detailed analysis on the latest APTs, malwares and exploits  Increase in overall security across remote and local IT assets. Reduction of cost of ownership with security-as-a-service from the cloud Conclusion: With the rapid pace at which attackers develop newer means to access unauthorized data, organizations are in urgent need to find a solution that responds to stringent security requirements. Enterprises require an intelligent and integrated enterprise security solution that allows real-time visibility, proactive vulnerability management and penetration testing across enterprise and mobile applications. A combination of host and network based protection that focuses on the application layer is to be considered as only layer 3 protection is no longer sufficient. An approach where customizable services are based on multiple solution stacks and based on an amalgamation of knowledge, best practices, compliance regulations and the latest technologies to deliver optimum results is s truly the need of the hour.
  • 12. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved About the Author Manoj Kumar Rai (manoj.rai@happiestminds.com) is the Technical Director and Practice Head of IMSS Application and Mobile Security at Happiest Minds. With over 12 years of experience in Application and Mobile Security specializing in Mobile Enterprises (E- commerce) and Mobile Payments, he is a frequent speaker on various technical subjects like Ethical Hacking and Secure SDLC. He is currently working on next-generation integrated threat management systems connecting enterprise cloud and mobility platforms. Abdul Rehaman (abdul.rehaman@happiestminds.com) is a Technical Consultant in the Happiest Minds IMSS Practice. He has more than seven years of industry experience in Application and Information Security. He has worked with several customers across various domains of information security. To learn more about the Happiest Minds Threat Security Offerings, please write to us at business@happiestminds.com About Happiest Minds Happiest Minds is a next-generation IT services company helping clients differentiate and win with a unique blend of innovative solutions and services based on the core technology pillars of cloud computing, social computing, mobility and analytics. We combine an unparalleled experience, comprehensive capabilities in the following industries: Retail, Media, CPG, Manufacturing, Banking and Financial services, Travel and Hospitality and Hi-Tech with pragmatic, forward-thinking advisory capabilities for the world’s top businesses, governments and organizations. Founded in 2011, Happiest Minds is privately held with headquarters in Bangalore, India and offices in the USA and UK. Corporate Office Happiest Minds Technologies Pvt. Ltd. Block II, Velankani Tech Park 43 Electronics City Hosur Road, Bangalore 560100, INDIA Phone: +91 80 332 03333 Fax: +91 80 332 03000 United States 116 Village Boulevard, Suite 200 Princeton, New Jersey, 08540 Phone:+1 609 951 2296 2018 156th Avenue NE #224 Bellevue, WA 98007 United Kingdom 200 Brook Drive, Green Park, Reading Berkshire, RG2 6UB Phone: +44 11892 56072 Fax: + 44 11892 56073