Tuesday, November 7, 2017

Interpreting Mobile Malware Headlines for Enterprises

Another week, another onslaught of scary mobile malware headlines. Whether it's a fake app on an app store (WhatsApp this week), a triple whammy attack, or just a theoretical exploit that hasn't yet occurred in the wild, the headline informs us that millions if not billions of users are at risk.

But are enterprises at risk? Yes, but rarely from mobile malware.

JR Raphael posted an interesting article at CSO that suggests we may be asking the wrong question if we're asking what's the best Android security app to protect ourselves from mobile malware attacks. In suggesting why third-party security is rarely the right answer, Raphael lists several points, including this:

"Even if you do happen to encounter Android malware, it's highly unlikely to compromise corporate data"

Mobile malware represents a threat, but mostly to the individual user. Not to the enterprise. Why? It's mostly because the major mobile platforms, Android and iOS, are really quite secure. As a result, attackers have limited options. The major mobile attack vectors are:

  • ransomware
  • trojan or fake app
  • spyware
  • toll and ad fraud

Toll and ad fraud are mostly an annoyance, but the other attacks can result in a ransom payout (or lost data), financial fraud, or identity theft. Such attacks can cause my privacy to be violated or my bank account to be emptied, but they represent no threat to my enterprise's finances or infrastructure. Unlike in the enterprise desktop environment, cross-platform attacks that jump from the compromised endpoint into the soft underbelly of the enterprise infrastructure are rare and relatively unsophisticated. Therefore, while mobile malware represents a serious threat to consumers, there are no known cases where mobile malware has led to a major enterprise breach.

It's unfortunate that we use the same term for mobile and desktop attacks. "Malware" in the mobile context refers to attacks with a blast radius of one; "malware" in the desktop context is an existential threat, with a potential enterprise-wide blast radius. Protecting against such exploits has been and continues to be the top priority of any enterprise, and we've seen cases where an enterprise's business prospects are harmed and executives' careers are damaged.

So does this mean there's no threat resulting from mobile use in the enterprise? Hardly. As noted in prior posts, employee use of mobile devices in the workplace can lead to leakage of private and corporate data that could reveal confidential initiatives, plans and strategies. But malware is not the threat here; it's mostly legitimate public store apps gathering far more data than most people realize. Stay tuned as we develop those concepts in future posts.
