BYOD is now BYOT
Current Trends in Mobile APT
Jimmy Shah, Senior Director of Research
All rights reserved to Zimperium, INC.
Who AM I?
Jimmy Shah
• Sr. Director of Research at ZIMPERIUM -
Enterprise Mobile Security

• Antivirus Researcher (Symantec, McAfee, AVG)

• Involved with Mobile Malware and threats
since SymbOS/Cabir (ca. 2004)
Blog: MOBILE MALWARE DETECTION

Email: Jimmy.Shah@ZIMPERIUM.com

Twitter: @shah_jim
Agenda
• Introduction to Advanced Persistent Threats(APT)

• The Real Mobile Threat Landscape

• How is it switching over to Mobile?

• Examples

• Bypassing Mitigations/Security

• Summary
April 24th, 2014
Introduction to Advanced
Persistent Threats(APT)
Introduction to Advanced Persistent Threats(APT)
APT friendly Exploits & Vulnerabilities (PC)
Client Side

Server side: MS08-067 (Conficker), Shellshock, Netbios, SMB,
Heartbleed, etc.
The Real Mobile Threat
Landscape
Next-generation attacks 

Attackers are targeting mobile
devices.
The Changing Threat Landscape
4.3M+ Sensors 

Reporting daily
• Most devices are running outdated OS

• Lots of vulnerabilities

• We carry them with us everywhere

• Always connected

• Contain sensitive data

• Lack of effective security solutions!
The Low Hanging Fruit
How is it switching
over to Mobile?
APT Friendly Exploits in Mobile
• Widespread 

• + Kernel/Root Exploit

• Targeted

• | | + Kernel/Root Exploit, MITM, Push-SMS, etc.

• Cellular Network Attack Vectors 

• Location Tracking, Call Forwarding, etc
Examples
Widespread - App Surveillance
Targeted - Airport/Hotel Scenario
Intercept Traffic
Scan (IPv4/IPv6)
Target discovery
MITM
Rogue AP
Rogue FemtoCell /
Basestation
Modify Traffic
SSL Strip
Browser Attack
Code Injection
Elevation of Privileges
OS / Kernel Exploit
Infected
Targeted Attack - Spear-Phishing Scenario
Infection Points
Spreading in the Mobile Era
• Rogue AP

• SMS

• Using stolen Email client’s credentials

• Plug & Prey 

• Juice Jacking

• Airdrop?
Payloads
Payloads
• Two types of payloads observed:

• Apps

• Easier to detect

• Processes

• Harder to detect
VS
Bypassing Mitigations/
Security
Methods used in the wild
• Mobile Anti-Virus

• Cloud Sandboxing

• Sandbox restrictions

• MDM / MAM Containers
How to detect?
• Persistent filesystem modifications

• Disabling security restrictions

• Spying on other sandboxes: Email App, Facebook, Whatsapp
and others

• Spying on information: SMS, Call log

• Active Spying: Camera, Pictures, Call Recording
Summary
Mobile
!=
PC
Credit: Flickr user - intelfreepress/
• Mobile attacks are becoming more sophisticated and powerful and can cause
real damage to the corporation’s assets.

• Protecting mobile devices in a BYOD world from various types of attack vectors
requires:

• Correlation of security events

• Anomaly detection techniques

• Mobile expert knowledge

• BYOD devices are fragmented across different OS versions; a true solution
must work on all common devices.
ZIMPERIUM’s z9 engine was developed from the ground up for mobile to combat the unique challenges
of protecting iOS and Android devices in the organization. Contact us to request a demo
Summary
Questions?
Thank you!
All rights reserved to Zimperium LTD.

BYOD is now BYOT (Bring Your Own Threat) – Current Trends in Mobile APT
