{"id":6859,"date":"2019-08-02T14:08:01","date_gmt":"2019-08-02T12:08:01","guid":{"rendered":"https:\/\/blog.mi.hdm-stuttgart.de\/?p=6859"},"modified":"2023-08-06T21:47:09","modified_gmt":"2023-08-06T19:47:09","slug":"mobile-security-how-secure-are-our-daily-used-devices","status":"publish","type":"post","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2019\/08\/02\/mobile-security-how-secure-are-our-daily-used-devices\/","title":{"rendered":"Mobile Security – How secure are our daily used devices?"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

Nowadays, the usage of mobile devices has become a part of our everyday life. A lot of sensitive and personal data is stored on these devices, which makes them more attractive targets for attackers. Also, many companies offer the possibility to work remotely, which results in storing confidential business information on private phones and therefore increases the organizations\u2019 vulnerability. The following content shows what kind of attacks the mobile platform is facing and how secure we really are.
<\/p>\n\n\n\n\n\n\n\n

<\/div>\n\n\n\n

Introduction<\/strong><\/p><\/h2>\n\n\n\n

Latest statistics show three different kind of types, which are mainly used by cybercriminals to infiltrate mobile devices.
<\/p>\n\n\n\n

\"\"
Source: [1]<\/figcaption><\/figure>\n\n\n\n

The most common and probably easiest way for attacker to access the phone’s data is via custom applications. Therefore their biggest challenge is to bypass the official App Stores, as most of the malicious apps are not able to pass through their security mechanisms.<\/p>\n\n\n\n

Network attacks, for example a Man-In-The-Middle<\/a> attempt, seem to be less successful, as well as attacks on the devices themselves, like using a security hole in the phone’s operating system.<\/p>\n\n\n\n

Before we take a more detailed look at the different types, let’s first consider various goals the attackers might have. As previously mentioned, confidential company data seems to be a very profitable reason. In general, most of the cybercriminal activity is driven by money [2], which is why account numbers, credit card details and banking credentials will always stay at the top of the attackers\u2019 lists. However, some hackers might also seek for personal data, like social security numbers or even call logs. <\/p>\n\n\n\n

\"\"
Source: [1]<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

Application Threats<\/strong>
<\/h2>\n\n\n\n

The amount of different application threats is massive: data sending trojans, ransomware and even mobile cryptomining are only a few examples of malicious applications. In average, there are about 60 to 90 apps installed mobile devices [3]. The most critical part is the origin of the apps. As the official App Stores from Google and Apple provide a high protection against malicious applications, more and more people start downloading apps from unknown sources, like third-party App Stores (Reasons for that will be discussed later). Both operating Systems – iOS and Android – include security mechanisms against such applications, which can be turned off by the user in the phone’s settings. Once turned off, there is no further check when installing and running an application. Therefore it’s important to keep in mind that this option should only be checked if the provider can be trusted.
<\/p>\n\n\n\n

\"\"
Source: [4]<\/figcaption><\/figure>\n\n\n\n

<\/p>\n\n\n\n

Backdoors<\/h4>\n\n\n\n

A good example of malicious applications are the so called \u201cbackdoors\u201d. Once installed, the app launches a background service, which runs constantly and redirects all network traffic through an encrypted tunnel to a third-party server. This service will stay active, even if the app is closed. Lately, several backdoor applications were noticed, on which the icon was removed after first open, which makes it very hard to uninstall the application [5].
<\/p>\n\n\n\n

But how do the attackers bypass the App Stores and get the users to install their app?
A good example is the Android TimpDoor <\/strong>Attack 2018: With a phishing campaign via SMS, the cybercriminals prompted users to download and install a \u201cnew voice app\u201d. Within the message, there was a link with a description of how to download the file from a browser and thereby bypassing the App Store by allowing installation from unknown sources.<\/p>\n\n\n\n

The application is completely fake, which means there is no working functionality inside. If the app is not directly uninstalled, it seems likely for the users to forget about it and never remove it from the phone, which then leads to an ongoing security issue.
<\/p>\n\n\n\n

\n
\n
\"\"
Source: [5]<\/figcaption><\/figure>\n\n\n\n

<\/p>\n<\/div>\n\n\n\n

\n
\"\"<\/figure>\n<\/div>\n<\/div>\n\n\n\n

Fakeapps<\/h4>\n\n\n\n

Another type of mobile malware is a Fakeapp. These are apps pretending to be original versions of popular apps like games, generating revenue through ad clicks or redirecting to other downloads. In order to be convincing, fake apps use original images, sounds and screens to pretend to be correct. Especially for fast growing and very popular games, fakeapps seem to be pretty profitable. In August 2018 for example, when the multi-player game Fortnite <\/strong>became popular and offered an invitation-only beta version of their mobile app, an extremely high rate of fakeapps was detected, as the users were eager to get access to that game. [LINK]<\/a> <\/p>\n\n\n\n

In the McAffee Security Report 2019 they say that \u201cFake Apps are and will be one of the most effective methods to trick users into installing suspicious and malicious applications in Android\u201d [2].<\/p>\n\n\n\n


<\/p>\n\n\n\n

More examples
<\/h4>\n\n\n\n

This were only a few examples of mobile application threats. Mobile banking trojans <\/strong>are on the rise trying to steal credentials from banking apps. Also, while the digital currencies became popular, the number of mobile cryptomining<\/strong> apps has grown massively. Another example is the 33% increase of mobile ransomware<\/strong> infections within last year. Statistics show, that one in 36 mobile devices have high risk apps installed. While every day about 10.000 apps get blocked from the official App Stores, the attackers keep going to find new ways to bypass this security mechanism in order to spread their malicious applications on mobile devices. [6], [7]<\/p>\n\n\n\n

<\/div>\n\n\n\n

Operating System Threats<\/strong>
<\/h2>\n\n\n\n

Security holes in the code of an operating system are discovered from time to time. These holes can lead to a huge security risk and offer cybercriminals the ability to access the affected device. That\u2019s why the companies need to act fast to provide proper security patches in order to get rid of these known vulnerabilities.
Unfortunately, nowadays these patches take too much time and a lot of devices with an outdated operating system version still exist, leaving them open for attacks. Here a clear difference between the Android and iOS Operating System is shown. Due to the fact that Android is distributed from many different manufacturers, these security patches take much more time than on iOS. Also because of that, new operating system updates need a lot of time to roll out for all the different devices on Android. A big majority of Android devices don’t run on the latest version which may include important security fixes.<\/p>\n\n\n\n

\n


The exploitation of an unpatched vulnerability can lead to system takeover and major data breaches<\/strong><\/p>\nPradeo Lab [1]<\/cite><\/blockquote>\n\n\n\n

Statistics point out that one of the biggest Android problems is, that 76% of the devices run on an old version of its operating system. On top of that, the code of the Android OS is open source, which means the source code is visible to anyone. Cybercriminals can use that to gain access through security holes much more easier than on iOS, which is a closed system and therefore more complicated for hackers to find vulnerabilities in the operating system.
<\/p>\n\n\n\n

\"\"

Source: [7], p.43
<\/figcaption><\/figure>\n\n\n\n
<\/div>\n\n\n\n

Network Threats<\/strong>
<\/h2>\n\n\n\n

Network threats occur less frequently than application threats, but the numbers are growing. Security reports keep warning from unsecure Wifi Hotspots<\/strong>, which could be easily used for criminals to steal information, for example by Man-In-The-Middle<\/a> attacks.
Latest statistics show an increase of three times the usage of public hotspots since 2016 and they predict even higher numbers for the next years [1]. Lately, there have also been attacks, where hackers used the wifi connection to distribute malware [8]. Although this sounds intimidating, protection is guaranteed by turning off file-sharing across the network.<\/p>\n\n\n\n

Another fast growing network threat is phishing, which is known for a long time, happening mostly via email traffic. This area has also shifted to the mobile sector, targeting people via SMS (smishing). These phishing attacks attempt to steal ones\u2019 personal data by tricking users to download malware or leading them to fake sites, on which they will be asked for personal information.[9]
<\/p>\n\n\n\n

\"\"
Source: [1]<\/figcaption><\/figure>\n\n\n\n

The best protection against phishing is to always double check the messages. Does it come from a number I know or is this a suspicious number? No institution would send a SMS with a link to enter confidential information. If not sure, best rule is to better not respond to the message and not click on any links inside it.<\/p>\n\n\n\n

<\/div>\n\n\n\n


<\/p>\n\n\n\n

What can we do?<\/strong>
<\/h2>\n\n\n\n

There are several providers for mobile security software, which can be downloaded in the App Stores. Unfortunately, most of them are related to costs and less people are willing to pay for that. On top of that, you can never be completely sure, that all kind of attacks will be prevented by such software. Although this might be interesting for companies who offer their employees business phones to secure their business data.<\/p>\n\n\n\n

As a rule of thumb you should always keep in mind to only use the official App Store for downloading apps. If, for some reason, you get requested to download an app outside the official App Store, always question yourself whether this is really necessary.<\/p>\n\n\n\n

An obvious point is to regularly update your operating system, if you receive new updates. Here, an improvement is needed, as the manufacturers should provide security patches and system updates much faster, especially for Android.<\/p>\n\n\n\n

One last point to mention are runtime permissions: Every application has to request permission access in order to use certain functionality of a device, for example camera or microphone. You do not always have to grant permissions, ask yourself why the app needs access to the requested functionality and get suspicious if you do not see any reason.<\/p>\n\n\n\n

<\/div>\n\n\n\n

Conclusion<\/strong><\/h2>\n\n\n\n

Mobile security is a topic which requires a continuous work, as malware increases and cybercriminals find new ways to attack devices. Especially these days, with Internet of Things (IOT) and an increase of networking between all different kind of gadgets, the smartphone we use everyday represents a huge target, as it has the ability to control them all. <\/p>\n\n\n\n

Upcoming topics like mobile payment or medical data on the phone will result in an even bigger interest for hackers.<\/p>\n\n\n\n

After all it\u2019s sometimes enough to raise the users\u2019 awareness of the threat against smartphones, so that less people get tricked by phishing attacks or malicious app downloads. <\/p>\n\n\n\n

<\/div>\n\n\n\n

References<\/strong><\/h2>\n\n\n\n

[1] Pradeo Lab, Mobile Security Report, February 2019
https:\/\/www.pradeo.com\/media\/Pradeo_mobile_threat_report_S12019.pdf<\/a>
[Accessed 02 August 2019]
<\/p>\n\n\n\n

[2] McAfee Mobile Threat Report Q1, 2019
https:\/\/www.mcafee.com\/enterprise\/en-us\/assets\/reports\/rp-mobile-threat-report-2019.pdf<\/a>
[Accessed 02 August 2019]
<\/p>\n\n\n\n

[3] 9To5Mac, The average smartphone user spends 2h 15m a day using apps \u2013 how about you?
https:\/\/9to5mac.com\/2017\/05\/05\/average-app-user-per-day\/<\/a>
[Accessed 02 August 2019]
<\/p>\n\n\n\n

[4] Applivery, Allowing app installs from Unknown Sources in Android
https:\/\/www.applivery.com\/docs\/troubleshooting\/android-unknown-sources\/<\/a>
[Accessed 02 August 2019]
<\/p>\n\n\n\n

[5] McAffee, Android\/TimpDoor Turns Mobile Devices Into Hidden Proxies
https:\/\/securingtomorrow.mcafee.com\/other-blogs\/mcafee-labs\/android-timpdoor-turns-mobile-devices-into-hidden-proxies\/<\/a>
[Accessed 02 August 2019]
<\/p>\n\n\n\n

[6] Kaspersky, IT threat evolution Q1 2019. Statistics
https:\/\/securelist.com\/it-threat-evolution-q1-2019-statistics\/90916\/<\/a>
[Accessed 02 August 2019]<\/p>\n\n\n\n

[7] Symantec, Internet Security Threat Report, Volume 24
https:\/\/www.symantec.com\/content\/dam\/symantec\/docs\/reports\/istr-24-2019-en.pdf<\/a>
[Accessed 02 August 2019]
<\/p>\n\n\n\n

[8] Kaspersky, How to Avoid Public Wifi Security Risk
https:\/\/www.kaspersky.com\/resource-center\/preemptive-safety\/public-wifi-risks<\/a>
[Accessed 02 August 2019]
<\/p>\n\n\n\n

[9] Kaspersky, What is Smishing and How to Defend Against it?
https:\/\/www.kaspersky.com\/resource-center\/threats\/what-is-smishing-and-how-to-defend-against-it<\/a>
[Accessed 02 August 2019]
<\/p>\n","protected":false},"excerpt":{"rendered":"

Nowadays, the usage of mobile devices has become a part of our everyday life. A lot of sensitive and personal data is stored on these devices, which makes them more attractive targets for attackers. Also, many companies offer the possibility to work remotely, which results in storing confidential business information on private phones and therefore […]<\/p>\n","protected":false},"author":945,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1,649,653,26],"tags":[269,27],"ppma_author":[789],"class_list":["post-6859","post","type-post","status-publish","format-standard","hentry","category-allgemein","category-interactive-media","category-mobile-apps","category-secure-systems","tag-mobile","tag-security"],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":1056,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2016\/07\/24\/bring-your-own-device-advisible-but-often-still-harmful\/","url_meta":{"origin":6859,"position":0},"title":"Bring your own Device \u2013 advisible, but often still harmful","author":"Maren Gr\u00e4ff","date":"24. July 2016","format":false,"excerpt":"(written by Mona Brunner, Maren Gr\u00e4ff and Verena Hofmann) Introduction Bring your own device (BYOD) is a concept which enables employees to use their personal devices for work. The most poplular devices are smartphones and tablets, however, notebooks can also be included as well. Using their own device employees can\u2026","rel":"","context":"In "Allgemein"","block_context":{"text":"Allgemein","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/allgemein\/"},"img":{"alt_text":"byod","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2016\/07\/byod-300x210.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":3217,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2017\/09\/14\/embedded-security-using-an-esp32\/","url_meta":{"origin":6859,"position":1},"title":"Embedded Security using an ESP32","author":"benjaminmorgner","date":"14. September 2017","format":false,"excerpt":"Ever wondered why your brand-new Philips Hue suddenly starts blinking SOS? Or why there is an ominous Broadcast on your Samsung TV while watching your daily Desperate Housewives? And didn't you wear an Apple Watch a few minutes ago, and why did you buy 2 TVs in that time? Security\u2026","rel":"","context":"In "Secure Systems"","block_context":{"text":"Secure Systems","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/system-designs\/secure-systems\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":10555,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2020\/08\/19\/iot-security-the-current-situation-best-practices-and-how-these-should-be-applied\/","url_meta":{"origin":6859,"position":2},"title":"IoT security \u2013 The current situation, \u201cbest practices\u201d and how these should be applied","author":"lh133","date":"19. August 2020","format":false,"excerpt":"Smart thermostats, lamps, sockets, and many other devices are no longer part of any futuristic movies. These items can be found in most households, at least in parts, whether in Europe, America, or Asia. A trend that affects the entire globe and is currently gaining ground, especially in industrialized countries.\u2026","rel":"","context":"In "Internet of Things"","block_context":{"text":"Internet of Things","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/scalable-systems\/internet-of-things\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2020\/08\/PaperClasses.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2020\/08\/PaperClasses.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2020\/08\/PaperClasses.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2020\/08\/PaperClasses.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":3910,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2018\/08\/14\/beyond-corp-a-new-approach-to-enterprise-security\/","url_meta":{"origin":6859,"position":3},"title":"Beyond Corp – Google’s approach to enterprise security","author":"Domenik Jockers","date":"14. August 2018","format":false,"excerpt":"What is Beyond Corp? Beyond corp is a concept which was developed and is used by Google and is by now adopted by some other companies. The idea behind it was to get away from the intranet and its perimeter defense, where, if you breach the perimeter you can access\u2026","rel":"","context":"In "Secure Systems"","block_context":{"text":"Secure Systems","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/system-designs\/secure-systems\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2018\/08\/pipeline.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":3978,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2018\/08\/16\/security-in-smart-cities\/","url_meta":{"origin":6859,"position":4},"title":"Security in Smart Cities","author":"Johannes Kaeppler","date":"16. August 2018","format":false,"excerpt":"Today cities are growing bigger and faster than ever before. This results in various negative aspects for the citizens such as increased traffic, pollution, crime and cost of living, just to name a few. Governments and city administrations and authorities are in need to find solutions in order to alleviate\u2026","rel":"","context":"In "Secure Systems"","block_context":{"text":"Secure Systems","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/system-designs\/secure-systems\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1568,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2016\/09\/08\/secure-systems-2016-an-overview-walter-kriha\/","url_meta":{"origin":6859,"position":5},"title":"Secure Systems 2016 – An Overview, Walter Kriha","author":"Walter Kriha","date":"8. September 2016","format":false,"excerpt":"This is an attempt to provide an overview of the topics in \"Secure Systems\", a seminar held during the summer term 2016 at the Stuttgart Media University HdM. Presentations have been given and blog entries into our new MI blog were made. With the chosen topics we have been quite\u2026","rel":"","context":"In "Allgemein"","block_context":{"text":"Allgemein","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/allgemein\/"},"img":{"alt_text":"securesystems","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2016\/09\/securesystems-205x300.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"jetpack_sharing_enabled":true,"authors":[{"term_id":789,"user_id":945,"is_guest":0,"slug":"jm130","display_name":"Johannes Mauthe","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/6874b65a7b7149f7b6d1ca6182c00e7a1ecc1047277e223cfa8028df9990b741?s=96&d=mm&r=g","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts\/6859","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/users\/945"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/comments?post=6859"}],"version-history":[{"count":75,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts\/6859\/revisions"}],"predecessor-version":[{"id":25438,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts\/6859\/revisions\/25438"}],"wp:attachment":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/media?parent=6859"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/categories?post=6859"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/tags?post=6859"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/ppma_author?post=6859"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}