Mobile enterprise management tools are targeted by spyphones, researchers warn
iOS devices are targeted the most, they said
IDG News Service - Enterprises that use mobile device management (MDM) systems to protect their corporate data on employees' mobile phones are not safe from attacks from spyphones, researchers warned at BlackHat Europe on Thursday.
Over the next five years, 65 percent of enterprises will adopt a mobile device management (MDM) system for corporate users, technology research company Gartner predicted last October. Companies will use the systems to manage network traffic and corporate data on smartphones and tablets, which nowadays are often owned by employees and used for both private and corporate tasks.
Companies are using MDM systems to protect their data, but they must be aware that while the systems are useful, they don't provide full security and can be targeted by so-called spyphones, warned Daniel Brodie, senior security researcher at the Israeli security company Lacoon Security, and Michael Shaulov, CEO and co-founder of the company, at the BlackHat conference in Amsterdam.
MDM systems try to tackle security issues by providing a "secure container" on mobile devices, encrypting the part of the mobile device that handles business data, as well as offering the possibility to remotely wipe or lock that section if a phone is stolen or an employee quits. However, common MDM security offerings can be circumvented by planting surveillance tools without the users knowledge on a phone, turning it into a spyphone, Brodie told a crowd of conference attendees.
A survey conducted by Lacoon in cooperation with global cellular network providers showed that about one in 1,000 phones was a spyphone, according to Brodie's research paper. Of 175 compromised devices found, 52 percent was attributed to Apple's iOS, 35 percent to Android phones, 7 percent to Nokia phones and 6 percent to other devices, he said.
"This is a very alarming number," Brodie said. The problem with spyphones is that while the software is installed on a single device, it is used to target whole organizations for espionage purposes, Brodie said. And as such, the impact of a spyphone attack on an organization can be "extremely high," he added.
Most spyphones are used for recording confidential phone calls and board meetings, tracking locations, extracting call logs as well as text messages and voice memos, and snooping on corporate emails and application data, Brodie said.
Secure containers of MDM systems can be bypassed in order to install spyphone software. On Android devices this can be done by publishing a seemingly innocent application in an Android market. Once the victim has installed the app, the app refers to the malicious code, which is then downloaded, the researchers said. After this, the spyphone creates a hidden binary and uses it for privileged operations, such as reading mobile logs.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Assessing ROI for Mobile Acceleration Clients This EMA® paper examines the business case for deploying mobile WAN optimization client software and builds a ROI model based on the experiences...
- The Apple-ization of the Enterprise: Understanding IT's New World Read this paper for how to tackle Apple-ization (and the related consumerization of IT and Bring Your Own Device/BYOD).
- A Practical Introduction to Enterprise Mobility Management Read the white paper to better understand the basic concepts within mobility management and to learn how you can apply EMM technology to...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Mobile Security: Containerizing Enterprise Data In this on-demand webinar, Fixmo's Lee Cocking, VP of corporate strategy, explains why Apple-ization trends like mobility and "bring-your-own-device" (BYOD) are driving the... All Mobile/Wireless White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!