State of Mobile Security and What to Expect in 2015

The current state of mobile security

Last year was truly an incredible year for FireEye and Mobile Security. According to Comscore, 2014 was also the year that the mobile app bypassed all other traditional Internet access methods, such as the PC and Web browser (1). Unfortunately, the dark side of this trend can be reported in the form of malicious apps and vulnerabilities, where we have seen a major uptick in cyber criminal activity.

To date, millions of mobile apps have been developed, and new apps appear on the Internet every day. Many of these apps are developed by small organizations with limited security tests and budgets, resulting in apps that are vulnerable to attacks. 

Mobile Threat Landscape

The FireEye Mobile Security team has further produced and blogged about 22 examples of malicious apps and vulnerabilities such as these:

  • Android ad-libraries that contain aggressive bad adware and vulnerabilities.
  • Remote Access Tools (RATs) expanding to mobile device monitoring and command and control activity.
  • iOS Masque Attacks that repack popular applications into malicious and fraudulent versions for cybercrime. (2)

FireEye to date has analyzed over 7 million mobile applications on Android and iOS platforms to help our customers to make informed decisions about their use of mobile devices and mobile apps. Key findings from the analysis include:

  • The number of Android vulnerabilities has increased 188% compared to 2011
  • The number of iOS vulnerabilities has increased 262% compared to 2011
  • 31% of the Google Play apps that have more than 50,000 downloads contain remote exploitable vulnerabilities
  • FireEye has discovered 1,408 publicly distributed iOS apps that misuse enterprise provisioning profiles to deliver powerful attacks on iOS devices

Country

Number of Malicious iOS Apps

United States

660

China

361

England

223

France

62

Others

102

All

1408

Fig. Countries where malicious iOS app discoveries have been made. USA leads the chart.

Mobile Threat Report

The FireEye Mobile Security team has also prepared a report to provide a 365 degree view into mobile threats, recent incidents and our key findings and recommendations. In the report we discuss key statistics and details behind every mobile security incident from last year. You can download the full report from here.

What can organizations do about mobile threats and vulnerabilities?

Current solutions to secure the mobile ready enterprise often include mobile VPN, Mobile Device Management (MDM), and mobile antivirus solutions. Unfortunately, as we have often seen, these existing solutions do not offer visibility into advanced threats or vulnerabilities that the cyber criminals so often exploit.

Different mobile devices offer different capabilities to secure your personal or enterprise data. FireEye is excited to announce our integration with Samsung Knox to support secure Android mobility on Knox-supported devices. This integration allows FireEye to suspend the app from running on supported Samsung devices until FireEye has analyzed the application for security risks. (3)

Best practice would be to request a mobile threat assessment from FireEye and Mandiant using their Mobile Threat Prevention (MTP). Opportunities also include engaging the Advanced Threat Prevention capabilities from FireEye into the organizations existing Mobile Device Management (MDM) or Enterprise Mobility Management (EMM) suites. FireEye offers automated integration and workflows with MobileIron. These integrated solutions boost your ability to detect and monitor mobile threat levels and activity with your end users.

FireEye recommendations for mobile threat prevention:

  • Don’t click on suspicious links and attachments. They could contain spearfishing attacks.
  • Always use security tools on your iOS and Android devices.
  • Stay current on reports about security risks in mobile applications so you can make informed decisions when downloading or updating apps
  • Talk to your security professionals, or ask FireEye for recommendations.

Come meet us at Mobile World Congress in Barcelona

The FireEye Mobile Security team is participating to the Mobile World Congress in Barcelona, 2nd to 5th March, 2015. You can find our demos and team at the AirWatch and Samsung booths. Please stop by to get a free 90-day license to evaluate FireEye Mobile Security for iOS or Android devices. You can reach me and my team directly at jari.salomma@fireeye.com

References

(1) CNN and Comscore

(2) FireEye Mobile Threat Research

(3) FireEye-Samsung Press Release

(4) MobileIron Press Release