A look at the future of smartphones in terms of protection against attacks and malware.
What do you pay more attention to when buying a smartphone? Screen size? Photo quality? Sleek design? It is likely that you will start to care more about the security of a potential smartphone: the number of threats to the security of your device is growing, both from lone hackers and governments of states monitoring users. The damage to a specific user can be colossal: one hacker / one virus – and your passwords, bank or credit card details, and other private information fall prey to the attacker.
All of this means that a smartphone manufacturer (whether Apple, Samsung, or whatever) that actively educates its users about security and creates the most secure phones can gain an edge in the fight for market share. Think your device is safe? Recently Apple released a patch that fixes a rather serious vulnerability. It became known about her after a well-known dissident from the UAE found a message on his phone offering to follow the link. He reported this to the company's specialists, who determined that clicking on the link would give the software access to remote control of his smartphone. According to Reuters, this is the first case of software that can access iPhone 6 with the latest version of protection.
A recent report by mobile cyber security specialist Mobileiron identified the following types of attacks on mobile devices that have emerged or have become common over the past six months:
- Android GMBot: Spyware that remotely monitors infected devices and tries to trick users into obtaining information about bank accounts
- AceDeceiver: malicious software designed to steal Apple ID
- Sidestepper: Vulnerability iOS: A way to intercept and control traffic between the device and the MDM server.
- Marcher Android: Malware that tries to force users to enter their login information to the Internet bank.
- Serious problems with OpenSSL affecting many applications and services
Smartphone owners rely on Google and Apple and expect them to provide the necessary protection against such threats. The companies, in turn, have released three updates each for the current quarter. Be that as it may, troubles can lie in wait for users Android who download applications not from Google Play, as well as owners of jailbroken (disabling security restrictions) devices Apple who take risks by downloading software outside the App Store. In addition to malicious code that is deliberately hidden in software during its development, unintentional security breaches can occur. This happens when sensitive information is stored in insecure storage on your smartphone. Hacking can also be done literally over the air, with device owners using an open WiFi or Bluetooth connection.
BYOD is a policy of the management of individual companies, within the framework of which users can use personal devices to access the corporate network and work with corporate information.
Threats exist, but not only to individual users. Smartphones and tablets are becoming a replacement for employers' prescribed computers to access the intranet. Employees want to use their own devices, and companies want to take advantage of the increased productivity that comes with bring your own device (BYOD).
In early 2015, Tech Pro Research reported 74% of companies that allowed or planned to allow companies to use their own mobile devices, which, in turn, brought another headache for the IT departments of these companies. In the above-mentioned Mobileiron report, the following opinion is found: “Security breaches are harbingers of unauthorized access: they leave behind a vulnerable device or application, which can jeopardize the confidentiality of corporate information.” Also, the document says an increase in device loss over the last quarter, with only 8% of companies updating device OS and less than 5% of companies monitoring malware.
Siobhan McDermott, Head of Cyber Security at EY, has the following opinion: “With the advent of BYOD and the global proliferation of hacker software for mobile devices, we are seeing a widespread increase in network vulnerabilities. We are also seeing the personification of viral software that targets senior management rather than sending out e-mails in droves in the hope that someone will follow the link.
So, smartphones have become the main target of hackers, scammers and spies. The developers of operating systems for phones are aware of this, and are working on security at the device-specific level. Each OS offers its own protection, but which one is the best?
In a Gartner report dated April 12 of this year, the company compared 12 platforms for mobile devices: Android 4, 5, 6. BlackBerry 10, BlackBerry Android, iOS 8 and 9, Samsung Knox, Microsoft Windows Phone 8.1 and 10 (Lumia) and Windows 8. 1 and 10 (Surface). They looked at many key features, Gartner said, including biometric security, kernel security, and OS updates. The report also covered functions related to IT administration: encryption management, workspace isolation and protection against hacking (jailbreak / root).
Knox is the only operating system to be rated 'reliable' at every stage of security audits in the corporate sector. The second place went to BlackBerry 10, which received this rating in all categories, except for 'Device Firewall Control'. As noted earlier, 97% of mobile malware targets Android, especially in light of the problems the FBI encountered in attempting to break the encrypted iPhone left by one of the attackers on the spot. crimes after the shooting in San Bernardino. But you need to remember the already mentioned attack on iPhone in the UAE and that it can give the hacker full control over the phone.
Knox 2.6 is the latest version of Samsung's secure platform available in SGS 7 and 7 Edge. May coexist with Android for Work
Security is not a competitive advantage for buying new smartphones, but this will change as more corporate users move to BYOD and consumers in general to control smart homes with their phones. Imagine a hacker gaining access to the functions of your smartphone, which can control alarms and locks in your home! Be that as it may, everything is changing now. In July, BlackBerry introduced the DTEK50, which was hailed by the company as the safest Android smartphone in the world. Blackberry has a long history of security, and BlackBerry 7 was named in April 2012 by Trend Micro as the most secure OS for business.
This article was not intended to provide recommendations for buying the best smartphone or choosing the most secure OS. However, it is worth highlighting how recent events have shown that smartphone security is becoming increasingly important for both consumers and corporations. For a long time, it seemed that only Blackberry promoted security in its ads. For example, in the case of the Note 7, there is no mention of Knox on the product page on the official website. But Apple seems to have begun to emphasize security, indicating its presence in the section dedicated to iPhone.
The change will become more evident and safety will become one of the key parameters that potential buyers will pay attention to. This will be especially true for those users who use their smartphones to work in corporate networks, because IT specialists will promote a more stringent approach to cyber security.
Original material by Alex Castellano
In the process of scrolling through the news feeds, every now and then there are references to more and more new threats, ways to fish out valuable information and types of virus software. Cyber crime is on the rise, but device manufacturers also do not want to lose users who are not at all interested in playing games with scammers and cyber thieves. Therefore, the protection built into the device is gaining more and more emphasis. Perhaps, the situation with the investigation in San Bernardino can be attributed to the set-off Apple, the company showed that their devices are reliable, even the FBI cannot hack them. But Android also have reliable solutions, as we can see from the article.
I thought about security and remembered the idea that whatever the protection, the playful fingers of negligent users still strive to download the cache for the game from some strange resource or follow strange links and independently provide their data to someone unknown. The manufacturer, of course, will help to the best of his ability, but nothing will save from his own negligence. So the focus on safety is a matter of course, or is it really a forward-looking argument for a particular device?