Security Threats to Mobile Devices for PC - MyAssignmenthelp

Question: Discuss about theSecurity Threats to Mobile Devices for PC. Answer: Introduction With Enterprise mobility, the recent trends made security of mobile device very imperative. In year 2010, first time IDC sales of the smart-phones outpace the sales of the PC. Issues faced by devices onslaught and identified the cost benefits and productivity, companies increasing the execution of policies related to BYOD. The other advantages and competitive edge of mobility and the lost of tablet PCs and smart-phones not protected adequately against the security threats of the mobile devices. (Bishop, 2005) Background of Mobile Device Security Today, mobile devices are becoming very much popular. As the selling of these devices increases, the demand for better functionality has arisen. Thus, the addition of more functionality raises the operating system complexity in numerous mobile devices. So, security is always a concern and mobile devices are always at risk as important information is stored on those mobile devices. This is because many times mobile devices connect to the websites and are wirelessly connected to various other devices and thus raised various security issues. (Shevchenko, 2005) Scope IT companies recognize that security is the biggest concern after the extension of the mobility takes place. The purpose of this report is to have knowledge about various security threats related to mobile devices and their countermeasures. Mobile Devices Threats Mobile devices face numerous threats that pose important risk to the corporate information. Just like computers, tablet PCs; smart-phones are also susceptible to the attacks that are digital. They are highly vulnerable to get attacked physically because of their portability function. (Dagon, 2004) Below we are providing some of the security threats related to mobile devices and the risks they have on the corporate assets: Applications unmanaged and unlicensed This will cost for the organization legal costs. If the applications that are used in an organization are licensed or not, they should get updated regularly for fixing the vulnerabilities that get exploited for gaining the steal data or unauthorized access. Loss and theft There are users who store important and sensitive data of the organization like a business plan, corporate presentations, customer databases and business emails on the office mobile devices. Thus, losing or theft of the mobile device will cost for losing that sensitive data of the organization. (Becher, 2011) Unauthorized access Many times organizations login credentials are stored by the users on their mobile devices, so that access to the corporate resources can be performed by one click or tap. Because of which unauthorized access can access easily social media networks, applications and corporate accounts by email. Eavesdropping Wireless network that is a carrier based have better security at the link-level, but the security is lacking at the end-to-end upper-layer. Information sent to the enterprise level from the client is unencrypted thus can get eavesdropped easily. Mobile Malware Tablets and Smartphones are susceptible to spyware, Trojan, viruses and worms. The main objective of this is to steal the important information, rack up the phone charges based on long distances and gather the user information. Additionally, attackers use the mobile malware for carrying out the targeted attacks against the users of the mobile devices. Bluetooth attacks Bluejacking is the harmless and least serious attacks on Bluetooth. This attack takes benefit of the small loophole in the protocol of messaging and permits the device of Bluetooth for sending the anonymous message to the target device Bluetooth. Thus, while communicate among two Bluetooth device connection was established and attacker sends the field with user-defined to target device. BlueSnarfing is the most dangerous Bluetooth attacks. In this process, attackers connect with the mobile phone of the victim through Bluetooth without user attention. Because of the access attacker can get private data like personal photographs, messages and address book. (Franklin, 2009) Countermeasures for the Mobile Devices Below there are some of the countermeasures that are used for protecting the mobile devices: Malware and viruses Antivirus software was installed in the operating system of the mobile devices, which was available with some of the vendors. But for safer sides, never visit websites that are arbitrary, do not download that are not IT authorized and always use management capabilities of the mobile devices for controlling and verifying the mobile device configuration. (Guo, 2004) Encryption Always recommended using the VPN connection while dealing with the important and sensitive information. For example, while sharing the data use SSL (one of the VPN connection) Authorization and authentication For this countermeasure to use in the mobile devices, always uses the firewall functionality which will protect the devices just like user perform firewall functionality in notebooks or laptops. (Jsang, 2015) Physical security Encryption and authentication in the mobile devices are essential because many times mobile get lost, and important data also get lost and misused due to unavailability of the authentication. Bluetooth attack The best solution is for the mobile phones that are using corporate credentials, Bluetooth should get disabled completely. Another solution is to use Bluetooth settings as hidden or undiscoverable mode. (Sanpronov, 2009) Symbian OS Attacked by Cabir Mobile Virus On Symbian OS, virus named Cabir spread with the help of Bluetooth. This was detected in Singapore in year 2004 and was spreading other continents also. This virus spread was that simple that if someone boards the plane with infected mobile than other mobiles can get targeted easily through Bluebugging, Bluetracking, Bluesnarfing and Bluejacking. These viruses are present only as the minor threat, but demonstrate clearly that the mobile devices become the target and the nature of the wireless communication devices makes them perfect for malicious code proliferation. When the phone is get infected by this virus Cabir, then message Cabire is shown on the screen of the phone every time phone gets turned on. Below factors are prerequisite set for the large-scale outbreak stage: Connectivity is enough Smartphones uses various communication options, like WAN connections, infrared, Bluetooth, synchronization, MMS and SMS. Thus, more freedom provides more creation of the viruses. Functionality is enough Currently, many employees use corporate mobiles which contain critical applications and data of the organization and that are insufficiently get protected. Thus, this expanded functionality and increase the malware probability. Enough targets of terminals In the market, there are 10 million of Symbian devices and Ovum estimated numerous in 2007 devices of Symbian OS will be 100 million. The first virus is the Palm OS that is seen where numerous devices are affected by it and reached to 15 million. Countermeasures used by Symbian Below are the complete solutions for security that are protecting the mobile devices against the new threat and have several layers: The client has to install the real-time antivirus and keep it up-to date in all the smart-phones, where there should be a mechanism that updates were delivered directly to the devices. In a network, there should be an establishment of the gateway level security solution by mobile operators which will be flexible enough to filter the traffic. The vendors of the mobile devices and operating system will have to create the process that will focus on the security as hot fix and will provide proliferation measures. (Impivaara, 2004) Conclusion The security of the mobile devices draws more of the attention when there is gain of popularity towards the mobile devices. Malware like worms, botnets and viruses become the major concern while using the mobile devices because they can leak the sensitive and important information that are transmitted by or stored in the mobile devices. In this paper, we have provided details about various security threats that are related to the mobile devices. There are also countermeasures provided to avoid those threats. Here, real life example taken was of Symbian OS that was attacked by Cabir virus in year 2004 with the countermeasures that organization performed to eliminate that virus. Reference Impivaara, M., (2004), Mobile security: Threats and countermeasures, https://www.ebizq.net/topics/soa_security/features/5358.html?page=2 Franklin, C., Layton, J. (2009), How Bluetooth Works, Retrieved December 1, 2009, from HowSuffWorks.com: https://electronics.howstuffworks.com/bluetooth1.htm Sanpronov, K. (2009), Bluetooth Security and New Year War-nibbling, Retrieved December 1, 2009, from VirusList.com: https://www.viruslist.com/en/analysis?pubid=181198286 Shevchenko, A., (2005), An overview of mobile device security, Retrieved December 1, 2009, from Viruslist.com: https://www.viruslist.com/en/analysis?pubid=170773606 Becher, M.; Freiling, F. C.; Hoffmann, J.; Holz, T.; Uellenbeck, S.; Wolf, C., (2011),Mobile Security Catching Up?, Revealing the Nuts and Bolts of the Security of Mobile Devices, IEEE Symposium on Security and Privacy, pp.96111 Jsang, A.; Miralab, L.; Dallot, L., (2015),"Vulnerability by Design in Mobile Network Security",Journal of Information Warfare (JIF),14(4) Dagon, D.; Martin, T.; Starder, T., (2004),"Mobile Phones as Computing Devices: The Viruses are Coming!", IEEE Pervasive Computing.3(4): 11 Bishop, M., (2005), Introduction to Computer Security, Pearson Education, Boston, MA Guo, C.; Wang, H.; Zhu, W. (2004),Smart-Phone Attacks and Defenses, ACM SIGCOMM HotNets, Association for Computing Machinery, Inc