
People have been calling Bring Your Own Device (BYOD) "Bring Your Own Malware" (BYOM) for some time. In 2012 alone, Android malware encounters grew 2,577 percent (for details, see Cisco’s Annual Security Report). Many organizations are struggling to keep up with the BYOD trend by allowing employees to bring their favorite gadgets to the office to increase productivity and employee satisfaction. However, they are also struggling to protect critical corporate assets, user data, and intellectual property on their employees’ mobile devices.

Stealing Your Banking Information and Your Corporate Intellectual Property Made Easy

The number of new mobile Trojans and malware is increasing every day. For example, the Carberp malware/Trojan can steal online banking credentials very easily from your phone or tablet. Carberp was first seen about three years ago, but now its source code is being sold in the underground scene at a very affordable price (US$5000 or less). Citmo.A (or Carberp-in-the-mobile) monitors incoming SMS to steal the mobile Transaction Authentication Number (mTAN) that financial institutions send to customers to validate online banking transactions.

Another example is SpyEye-in-the-Mobile (SpitMo), which is a couple of years old but is still a successful tool for cybercriminals to make money.

Mobile versions of FinSpy/FinFisher can allow miscreants to log incoming and outgoing calls; conceal calls to eavesdrop on the user’s surroundings; and steal SMS messages, contact lists, and phone/tablet media (for example, photos and videos).

Even Your Music Could Trigger Mobile Malware

Recent research has revealed very clever and nontraditional ways to trigger malware and malicious behavior in mobile devices by using sound/music. Yes, that’s correct—music! Researchers at the University of Alabama at Birmingham (UAB) demonstrated this new “exploitation concept” in a paper titled Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices. This means that cybercriminals could become good DJs very soon. In all seriousness, this is the start of clever ways that malware could be triggered remotely in mobile devices (outside of Bluetooth, NFC, and over IP).

The UAB researchers demonstrated a terrifying potential attack vector by developing Android applications that monitor acoustic, visual, magnetic, and vibrational sensors built into modern mobile devices. The prototype applications listen for command and control messages on these channels, most of which would be indistinguishable from normal sounds or lights.

Mobile Botnets Are Here to Stay

Mobile botnets are becoming the new normal. Just like in traditional botnets, cybercriminals leverage mobile botnets with one main purpose: to make money. They make money through fraud by either pumping ads onto your mobile device or selling your information to other spammers and criminal organizations. Miscreants can also steal users’ financial data, usernames, passwords, contact lists, schedules, emails, corporate intellectual property, etc.

Examples of mobile botnets are Rootstrap/Bmaster (also known as Android.Bmaster) and the MDK botnet (Android.Troj.mdk). The Cutwail and Kelihos botnets are also known to target mobile devices.

There are many different ways a mobile device can be compromised by a botnet or become part of a botnet:

Cybercriminals have been known to hide mobile malware in legitimate apps and games such as Temple Run, Fishing Joy, and others. This makes it hard for a user to detect a “bad app.”

BYOD Security Guidance at Cisco Live

Every BYOD implementation is unique and there is no one-size-fits-all solution because it requires a balance between technology, policy management, and employee outreach and education.

Most Common BYOD Questions

The following are the most common questions CISOs, IT security management, and engineers often ask about BYOD:

All of these questions and many more will be answered in detail this week at Cisco Live Orlando. BYOD security is one of the hottest topics this year. I am personally delivering an advanced troubleshooting session for remote access VPN in BYOD scenarios (BRKSEC-3050) and leading several discussions regarding BYOD. However, you may also want to review and attend the following sessions:

I invite you to join me this week at Cisco Live and access detailed information about these sessions and many more at the Cisco Live 365 website. Choose Session Catalog, and then choose the appropriate tab (Sessions, Speakers, or Exhibitors) to search and learn more about Cisco Live. Session PDFs and videos are usually available within a week after a live event. For more information, check the home page announcements. While we do record a large number of sessions, not all sessions are recorded.


1 Comments.


  1. Security risks (lost devices, access to sensitive data) are definitely a part of BYOD. However, these risks can be reduced by keeping data and applications separate from personal devices. That means that there’s no sensitive data exposed if an employee’s device is lost or stolen.

    This can be achieved with solutions like Ericom AccessNow, an HTML5 RDP client that enables users to connect from most types of devices to any RDP hosts (such as VDI virtual desktops or Windows Remote Desktop Services) and run full Windows desktops or applications in a browser tab.

    There’s nothing to install on the end user devices, as you only need an HTML5-compatible browser, so using AccessNow also reduces IT support costs, since IT staff don’t need to spend time installing software on so many different platforms. All they need to do is give employees a URL and login credentials.

    Download this free white paper for some additional ideas on securely managing the mobile workforce:
    http://www.ericom.com/WP-MobileAccessSecurity.asp?URL_ID=708

    Please note that I work for Ericom.

       1 like
