LETS HACK YOUR MOBILE DEVICE · Middle Attacks over Wi-Fi and Cellular Blocks Phishing links in...

LETS HACK YOUR MOBILE DEVICE

Yes we can and so do the others!

Tommi Kallberg | Emerging Tech Security ExpertBeNeLux, Finland and Baltics

Your IT architecture has evolved – Your security must evolve as well

OUTSIDE YOUR PERIMETER

Business Yesterday Business Today

BEYOND YOUR PERIMETER …

Securing the perimeter was simple and highly effective.

Attackers have shifted their focus to easier targets.

Less security outside the

perimeter

Mixture of “personal” and

“business” on the same device

Employees act more carefree

when not in the office

Hackers find it easier to exploit

these weaknesses

BEYOND YOUR PERIMETER IS AN ATTACKER’S PARADISE

5©2018 Check Point Software Technologies Ltd.

Smartphones & Tablets Operating System security – vast majority are out of date

78% of devices are running on older O/S with known vulnerabilities

Traditional Protections are insufficient

Increased prevalence of Application malware

Google Play’s app vetting is insufficient; malware also found in AppStore

Attacks use credential theft to drive phishing and whaling attacks

Employees quick to click and download

81% of breaches involve weak or stolen credentials


Mobile Threats

Rogue Wi-Fi exposes us to Man in the Middle attacksPhishing & Malicious URLs can steal our credentials and other sensitive dataPhone calls and SMS are vulnerable to eavesdropping

Network

Older O/S versions can be attacked with known exploitsPoor device configuration increases exposure to attackJailbroken / Rooted devices are left with ZERO security

DeviceApplications

Infected apps coming from Google Play & App StoreSideloaded apps likely to be malicious0-day Application malware can take control of device

The Mobile World has Changed

What has Changed? The Impact to Us

65% of employee web browsing is from mobile devices

Increases our exposure to malicious sites and downloads

Employees access corporate data from smartphones

Minimal security on devices leaves mobile data highly exposed to theft

Mobile Phishing is on the rise Much harder to detect phishing on a mobile device

Smartphones being used for both personal and business

Corporate data further exposed due to employee actions on personal devices

Corporate web browsing policies need to be applied to mobile devices

Risk of regulatory fines and reputational risk


INTRODUCING:

“SandBlast Mobile offers application scanning .. combined with network and device anomaly detection…for anti-phishing, safe browsing and URL filtering.” (Gartner 2018)


Total protection for Smartphones and TabletsCovers Corporate and Personal devicesCloud-based infrastructure and administrationEasy and quick to implementFull integration with MDM/EMMBest Malware Protection in industry


Prevents Man In the Middle Attacks over Wi-Fi and Cellular

Blocks Phishing links in SMS, Social Media and Web Browsers

Restricts access to corporate email and other resources in case of device compromise

Protects against Zero Day Malware and Infected Apps

Prevents O/S Exploits and Device Misconfigurations

Identifies and blocks malicious Command & Control communication channels


Cloud AnalysisApp ReputationBasic App InvestigationAdvanced Static AnalysisAdvanced Dynamic Analysis

How it Works

Real Time IntelligencePolicy, Monitoring &

Control

On-Device AnalysisMachine Learning-based App DetectionMan-in-the-Middle AnalysisJailbreaking / Rooting DetectionMalicious URL / Phishing*Download Prevention


Shared intelligence powered by ThreatCloud

Translates threat intelligence data from 100M gateways and end points around the world into actionable security protections.

Emulates more than 4 million files per day

Stops 7,000 zero-day attacks per Day

ThreatCloud passes 86 billion IOCs per day

Powered by AI engines


Mobile Security technology becomes

Mainstream

Extend current protections to include Mobile

Prevention, not Detection

Reduce dependency on UEM (EMM/MDM) and

user action

SandBlast Mobile Summary

Anti-

Phishing

Safe

Browsing

Conditional

Access

Anti-Bot

URL

Filtering

LETS HACK YOUR MOBILE DEVICE · Middle Attacks over Wi-Fi and Cellular Blocks Phishing links in...

Documents

Transcript of LETS HACK YOUR MOBILE DEVICE · Middle Attacks over Wi-Fi and Cellular Blocks Phishing links in...