Your SlideShare is downloading. ×
0
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Mobile security 8soft_final_summercamp2011
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Mobile security 8soft_final_summercamp2011

978

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
978
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
30
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  1. Mobile Working With Z-Push & BES – What About Risks? Jens Fell
  2. Statement No. 1 Smartphone OS are the unknown OS in business! <ul><li>Apple iOS
  3. bada, by Samsung (a version with Linux-Kernel)
  4. BlackBerry, by RIM: proprietary system with push technology
  5. Brew, by Qualcomm
  6. Linux in various forms: </li><ul><li>Android, by Open Handset Alliance (leadership by Google)
  7. MeeGo, initiative by Nokia and Intel
  8. Mobilinux, by MontaVista
  9. Openmoko
  10. webOS, by Palm </li></ul><li>Symbian, administrated by Symbian Foundation
  11. Windows Phone and Windows Mobile by Microsoft </li></ul>
  12. Statement No. 2 Everything, that happens to a laptop, can happen to a smartphone, too!
  13. Sources of Risk <ul><li>Bluetooth
  14. WiFi (W-LAN)
  15. Camera
  16. GPS
  17. SMS/MMS
  18. Email
  19. Apps
  20. Browser </li></ul>
  21. Level of Risk <ul><li>Abuse of corporate and private data by unauthorized access via device </li><ul><ul><li>e. g. access to social media identities, remote login, credit cards, ..... </li></ul></ul><li>Loss of sensitive information </li><ul><ul><li>e. g. notes , pictures , scanned business cards </li></ul></ul><li>Attacks by mobile malware </li><ul><ul><li>e. g. data theft, extortion </li></ul></ul><li>Output of confidential data if the device is stolen, lost or spied </li><ul><ul><li>e. g. theft of intellectual property </li></ul></ul></ul>
  22. <ul>Mobile Malware </ul><ul><li>Risk for mobile devices is rising </li><ul><ul><li>Number of signatures for mobile devices on 11 January 2011 -> 1834
  23. Number of signatures for mobile devices on 07 June 2011 -> 2975 </li></ul></ul></ul><ul>Source: Kaspersky Lab January 2011 </ul>
  24. Mobile Malware <ul><li>154 families
  25. 1046 modifications
  26. In November 2010, 45 new changes were discovered.
  27. Most common are SMS trojans. </li></ul><ul>Source: Kaspersky Labs, January 2011 </ul>
  28. <ul>Examples for Mobile Malware </ul><ul><li>Trojan-SMS.AndroidOS.FakePlayer.a
  29. Download: looks as if it was a media player
  30. Sends SMS to a premium account for $ 5 for each SMS </li></ul>
  31. <ul><li>What Does Mobile Malware Do? </li></ul><ul><li>Activate access to internet ( Backdoor.WinCE.Brador )
  32. Stealthy sending of SMS/MMS with high fees ( Trojan-SMS.J2ME.RedBrowser )
  33. Blocking functionalities of the mobile phone ( Trojan.SymbOS.Skuller, Rommwar )
  34. Downloading of other viruses ( Trojan.SymbOS.Doombot mit ComWar )
  35. Deleting data ( Trojan.SymbOS.Cardblock, Worm.MSIL.Cxover )
  36. Theft of data ( Worm.SymbOS.StealWar, Trojan-Spy.SymbOS.Flexispy )
  37. Using PCs for further circulation ( Worm.MSIL.Cxover ) </li></ul>
  38. <ul><li>A Typical Infection by Malware: Cabir </li></ul><ul><li>Large events with a huge amount of people (concerts, sports events, public transports)
  39. User receives a file (mostly „sex.sis“) via bluetooth
  40. The phone works but the battery discharges very fast (because Cabir uses bluetooth).
  41. Virus removal : </li><ul><li>Delete infected files
  42. Operate a hard-reset or install firmware again </li></ul></ul>
  43. <ul><li>A Typical Infection by Malware: brador </li></ul><ul><li>Detects the IP address of the device and sends it via email to sender
  44. If the phone is switched on, an agent starts to listen on port 2989 waiting for: </li><ul><ul><li>File sending / receiving
  45. Execute file
  46. Show folder content
  47. Other commands </li></ul></ul><li>Virus removal : </li><ul><li>Delete infected files
  48. Operate a hard-reset or install firmware again </li></ul></ul>
  49. <ul><li>A Typical Infection by Malware: PBStealer </li></ul><ul><li>Looks like a „Phonebook Explorer “
  50. (tool for optimizing the phonebook)
  51. First seen in a Chinese forum
  52. Sends a file with personal data of the user to all devices in range of coverage via bluetooth
  53. Virus removal : </li><ul><li>Delete infected files
  54. Operate a hard-reset or install firmware again </li></ul></ul>
  55. <ul><li>A Typical Infection by Malware: CardBlock </li></ul><ul><li>Is downloaded as „InstantSiS“ (tool for transferring and exchanging SiS-files)
  56. Blocks memory card with a random password
  57. Damages all user applications
  58. Deletes SMS and MMS messages
  59. By deleting the infected files, the infection itself will not be eliminated.
  60. The phone needs to be reset. Attention: All data on the smart card will be lost! </li></ul>
  61. What Happens, When a Smartphone Gets Lost? <ul><li>More than 250,000 mobile devices get lost at US airports. (Source: The Wisconsin Technology Network)
  62. About 100,000 mobile devices are found in London's Underground.
  63. Not less than one quarter of all mobile phones of a company contains confidential corporate data. (Source: BPMF)
  64. 30 % of all mobile devices get lost every year. (Source: SANS-Institut)
  65. 2/3 of all German companies have experiences with lost smartphones. (Source: Impulse Oct. 2010)
  66. Each device that can not be retrieved causes costs of $ 2,500 because of the lost data. (Source: Gartner)
  67. Companies with more than 5,000 employees could save up to $ 500,000 per year by tracking their devices. (Source: Gartner) </li></ul>
  68. Risk Awareness For Smartphone Usage <ul><li>Business use of mobile devices </li><ul><li>73% of all people using a smartphone don't know about the risks the device causes. (Source: National Cyber Security Alliance) </li></ul></ul>
  69. „ What Mobile Threats Are You Concerned With on Employees Smartphones?“
  70. Maßnahmen zur Bedrohungsabwehr <ul><li>organisatorische Maßnahmen </li><ul><li>Schulung der Mitarbeiter
  71. Unternehmens-Policy
  72. Security-Policy </li></ul><li>technische Maßnahmen </li><ul><li>Zentrale Verwaltung
  73. Verschlüsselung
  74. Security für Smartphones nutzen </li></ul></ul>
  75. <ul>Kaspersky Mobile Security Enterprise Edition </ul>
  76. Functions Operating System: Anti Theft + + + (+) Anti Virus + + - (+) Encryption + + - (-) Anti Spam + + + (+) Privacy Protection + + + (+)
  77. Kaspersky Mobile Security <ul><li>Retail / Enterprise
  78. Functions </li><ul><li>Encryptions protects against theft and virus
  79. Remote roll out „over the air“ via management tool (own or third party provider) is possible
  80. Extensive settings and limitations – via Kaspersky Administration Kit, Sybase Afaria or Microsoft System Center Mobile Device Manager </li></ul><li>Supports established smartphone platforms : </li><ul><li>Nokia, Black Berry, Windows Mobile and Android </li></ul></ul>
  81. How Does Kaspersky Endpoint Security for Smartphones Protect Mobile Users? <ul><li>Anti Theft: Remote smartphone lock, wipe and GPS tracking – in the event that the device is lost or stolen
  82. SIM Watch: Even if the thief changes the SIM card – all the remote functionality remains intact and the new phone number is sent to the real owner
  83. Encryption: Files, folders and memory cards can be encrypted and access to them can be protected by password
  84. Anti Virus: Real time protection, on-demand and scheduled scans, automatic „over the air“ anti virus data base updates
  85. Anti Spam for calls & SMS: Unwanted calls and messages can easily be filtered out
  86. Privacy Protection: For hiding communication histories with particular contacts, including contact book entries, call logs and SMS
  87. Remote Administration: Smooth roll out to multiple devices without user involvement or disturbance </li></ul>
  88. Questions ? Jens Fell 8Soft GmbH Phone : +49 931/250993-22 Email : [email_address] Visit our booth at Zarafa SummerCamp!

×