CrowdStrike CEO to reveal 'major mobile vulnerability' at RSA
CSO - A significant vulnerability affecting all versions of the Webkit mobile browser could give malware complete control of your phone. The malware could listen in on your conversations, view through your camera and record everything in your email and messages. It can also track your locations at the time. George Kurtz, CEO of the new security company CrowdStrike, has told CSO he'll demonstrate how the vulnerability works at a presentation at RSA Wednesday.
According to Kurtz, the new vulnerability affects all Android, iOS and newer BlackBerry devices. It does not affect devices running Microsoft Windows Phone 7. Kurtz said this means virtually every smartphone and tablet in use globally shares this vulnerability. Worse, security software currently available for mobile devices won't detect such malware and won't protect against it.
Kurtz is perhaps best known for his revelations regarding the Chinese Shady Rat operation that compromised US government and defense contractors in 2011. Kurtz discovered the Chinese cyber attacks on the US while he was CTO at McAfee. He left that company after the Intel acquisition.
In his interview with CSO, Kurtz said that he compares the use of malware to the use of a gun. If someone is shooting at you, it makes more sense to take out the shooter rather than to stop the bullets, especially since the shooter can change the type of bullets he's using at any time. He said that users of malware can do the same thing and change the method of attack at any time.
Kurtz added that mobile devices are the next battlefield. "One of the things we talk about is the nation-state activity," Kurtz said. "We believe that this scenario is happening today. It's happening on mobile devices."
Kurtz said his company has been able to repurpose Chinese malware so it can take advantage of the Webkit vulnerability and take control of any mobile device. He said he's been able to control the camera and microphone on a mobile device, read email and text messages, and use the device to record what's happening around it. "It's the ultimate spy tool," he said.
Kurtz said the malware can be distributed by simply getting a user to click on a link that takes them to an infected website. Simply visiting the site would infect the device, and allow the remote operator of the malware to send data to a site anywhere in the world. "SMS messages could be a potential point of infection," Kurtz said.
For now, until the vulnerability is fixed, there's little anyone can do to prevent infection by the malware he describes, except to know not to click on links. In addition, he said it's important to make sure that software on mobile devices is kept updated, something that's not always possible on Android devices because of the fragmented update situation in the Android world.
Until security managers know that the mobile devices in their organizations have been updated, he said the best they can do is train users not to open links, and to be aware of what's installed on the devices. He also suggested disabling Android's ability to load applications from anywhere.
Kurtz will be present his findings Wednesday, at 10:40 a.m.
Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Separating Work and Personal at the Platform Level: How BlackBerry Balance Works BlackBerry® Balance™ separates work from personal on the same mobile device, right at a platform level. Find out how it can work for...
- Protection for Every Enterprise: How BlackBerry Security Works Get an IT-level review of BlackBerry® Security, addressing data leakage protection, certified encryption, containerization and much more.
- Future Focus: What's Coming in Enterprise Mobility Management (EMM) Find out why Enterprise Mobility Management (EMM) solutions that are truly future-ready must be designed to enable Machine-to-Machine (M2M) capabilities and much more.
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Unmasking the Differences between Consumer and Enterprise File Sync & Share The consumerization of IT combined with the rapid pace of the modern mobile workplace is forcing enterprise IT teams to evaluate file sync...
- Live Webcast Workforce Mobilization for Improved Productivity A mobility research director from Aberdeen discusses reasons for extending legacy applications to mobile devices, and an integration strategist from Attachmate shows how...
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of... All Mobile/Wireless White Papers | Webcasts