Are You Prepared for the Next Mobile Attack?

WITH CHECK POIN T
SANDBL AST MOBILE
PROTECT YOUR ENTERPRISE
FROM THE NEXT SECURITY BREACH:
MOBILE DEVICES

”Our supplier claims we
didn’t pay them for the last two
orders, a total of $520,000!”
”Yes we did, we transferred the
money to their new bank account”
CFO:
“Their new what?!”CEO:
A global healthcare company
providing medical solutions
CEO:
CASE I
Fictitious company, inspired by Gooligan malware

THE WHALE SCAM
BANK
Sent mail asking to
transfer the money to a
new bank account,
controlled by the hacker
Money transferred to
the hackers' bank
account
Purchasing manager's 8
year old son downloaded
a malicious app to his
dad’s BYOD mobile
device
1 MONTH EARLIER
App was infected and
compromised the
corporate email
credentials
USER
PASSWORD
Hackers learn about
the relationship with
the supplier
Compromised business email accounts
have cost companies more than $2.3
billion in losses over the past three years
source: www.fbi.gov

THE HACKERS CAN:
Access
corporate file
servers
Infect corporate
computers by sending
internal malicious emails
Access the data center
after obtaining VPN
credentials from
corporate helpdesk

PUBLIC COMPANY’S STOCK
PRICES SUDDENLY DROP
CASE II
*a fictitious story inspired by actual cases

3 WEEKS EARLIER…
Hackers tapped into
the CFO’s device
Hackers recorded the
quarterly results discussed
at a board meeting before
the public announcement
CFO downloaded a
malicious conference
app by scanning a
QR code

• On and connected as needed
• Primary use: business
• Attack vector: malicious files
• 24/7 on, connected, with you constantly
• Primary uses: personal and business
• Attack vector: Malicious apps
MOBILE IS MORE VULNERABLE AND LESS PROTECTED THAN PCs
PROTECTION
• Anti-malware
• Network protection
PROTECTION
Most organizations today do not have
any cyber protection for mobile devices
VULNERABILITY LEVEL
?
MOBILE
PC

MOBILE IS THE
NEW WINDOW
INTO CORPORATE
NETWORKS

HOW MOBILE DEVICES
ARE INFECTED?

MOBILE’S UNIQUE
ATTACK VECTORS
Infected Apps
Network Attacks
OS Exploits
SMS Attacks

DAMAGES
Intercepting
text messages
Stealing
passwords
Taking
photos
Microphone
recordings
Stealing
contact lists
Stealing
email
Tracking
location
Breaking into
corporate network

OF ALL
ORGANIZATIONS
ARE INFECTED WITH
MOBILE MALWARE
Source: Check Point Mobile Threat Prevention | N=850 Check Point customers, each protecting more than 500 devices
100%
Averaged 35
jailbroken or
rooted devices
75% 89%
Experienced a
man-in-the-middle
attack over Wi-Fi

APT 28 (FANCY-BEAR)
3 DIFFERENT MALWARE – SAME C&C BACKEND AND IOCs
NATOUKRAINE ARMYDNCTARGETS:

UNIQUE CHALLENGES
REQUIRE
UNIQUE SOLUTIONS

THE CYBER SECURITY ARCHITECTURE OF THE FUTURE
THE FIRST CONSOLIDATED SECURITY SOLUTION ACROSS
NETWORKS, CLOUD, AND MOBILE, PROVIDING THE HIGHEST LEVEL
OF THREAT PREVENTION.

NGTX GATEWAYS
Perimeter and Datacenter
protection
SANDBLAST AGENT
Endpoint and Browsers
protection
SANDBLAST CLOUD
Cloud Applications
protection
SANDBLAST API
Custom applications
protection
SHARING COMMON INTELLIGENCE AND THREAT MANAGEMENT
THE FIRST AND ONLY UNIFIED
CROSS-PLATFORM THREAT PREVENTION
Mobile Device
protection
SANDBLAST MOBILE
M O B I L E

ZERO DAY PROTECTION FOR MOBILE DEVICES

SANDBLAST
MOBILE
Complete threat detection
and mitigation
Best mobile threat
catch rate
Full visibility
Simple deployment

HOW IT WORKSHOW IT WORKS
APP ANALYSIS
(INFECTED APPS)
CLOUD-BASED
BEHAVIORAL RISK ENGINE
ON DEVICE DETECTION
OS EXPLOITS
(JAILBREAK/ROOT)
NETWORK
ATTACKS
(WIFI)
SMS ATTACKS
REAL-TIME INTELLIGENCE,
MONITORING AND CONTROL

500,000,000+
Malicious file hashes
and sites
250,000,000
C & C addresses
11,000,000
Malware behavioral
signatures
The world’s largest
IoC database
Daily inputs from traffic across 100K
security gateways world wide
THE CHECK POINT ADVANTAGE

* Source: Miercom March 2017 (tests included: Known, Unknown Modified, Unknown Zero-day, False Positives, and iOS)
** Lookout, Zimperium and Better Mobile were unwilling to participate in the test
BEST MALICIOUS APPS CATCH RATE
100%
89%
63%
42%
INDUSTRY
AVERAGE
Sandblast Mobile Malicious Application Detection Efficiency

24©2016 Check Point Software Technologies Ltd.
11
3 3
1
14
9
2
1
LARGEST NUMBER OF ZERO DAYS DISCOVERED
2015-JAN 2017
GOOGLE SECURITY
HALL OF FAME
SC MEDIA TOP 25
THREAT SEEKERS 2016
MITRE CVE
AUTHORITY
Vulnerabilities Malware
Check Point Lookout Zimperium Skycure

2014 20162015
GodlessGhost Push* Turkish Clicker HummingBad DressCode Gooligan
Quadrooter.C
CVE-2016-2059
Quadrooter.A
CVE-2016-2503
Quadrooter.B
CVE-2016-2504
Quadrooter.D
CVE-2016-5340
= DISCOVERED BY CHECK POINT
Source: Google Android Security 2016 Year In Review
CVE-2015-1805
Dirty Cow
ATTACKS
VULNERABILITIES
APRFEB JUN JULY AUG OCT NOVJANOCT
data transmission
Adups
CVE-2015-1805
GOOGLE ANDROID SECURITY 2016 REPORT
70% OF THE THREATS WERE FIRST DISCOVERED BY CHECK POINT
*Partially Check Point : BrainTest, Sept 2015

SANDBLAST MOBILE:
INTRODUCING
FIRST-OF-ITS-KIND
PROTECTION AGAINST
SMS ATTACKS

INDUSTRY’S WIDEST SET OF MOBILE INTEGRATIONS
NEW!

SIMPLE TO DEPLOY
Integration with all leading
EMM platforms and containers
Cloud base SaaS solution
Without impacting usability:
No impact on battery life
Complete end user privacy

SUMMARY
MOBILE CYBER THREATS
ARE ON THE RISE
EMPLOYEES’ MOBILE
DEVICES ARE WEAKEST LINK
IN ANY IT INFRASTRUCTURE
CHECK POINT PROTECTS
YOUR DEVICES FROM
ADVANCED MOBILE THREATS

WITH CHECK POINT
SANDBLAST MOBILE
PROTECT YOUR ENTERPRISE AGAINST
MOBILE THREATS

Are You Prepared for the Next Mobile Attack?

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Are You Prepared for the Next Mobile Attack?

Similar to Are You Prepared for the Next Mobile Attack? (20)

Recently uploaded

Recently uploaded (20)

Are You Prepared for the Next Mobile Attack?