In our second blog, I discussed why a mobile device needs to be protected. Exactly what are we talking about here? What are the ways an attacker can hack a mobile device to get what they need?
Gone are the days when attackers threw USB thumb drives in parking lots, hoping someone from the target organization would pick one up and insert it into their desktop on the corporate network. Attacks have become more sophisticated and are targeted at specific organizations.
There are four main vectors of attacks on mobile devices:
Attackers will use combinations of the above vectors to target their victims. The attack “kill chain” adopted by Lockheed Martin as a method for modeling intrusions on a computer network is applicable to mobile device attacks:
The attack typically deployed redirects the victim’s traffic so the attacker can see where the victim is browsing and interacting. This redirect is considered a Man-in-the-Middle (MitM) attack. If an attacker can see the victim’s traffic, then the perpetrator gains access to:
In one instance, a well-known company discovered their workers were under MitM attacks when they traveled by train back and forth to work. A rogue access point was set up to emulate the company’s internal WiFi network, which allowed the attacker to see their traffic.
When WannaCry was seen in the wild, an Android app was discovered that would scan the WiFi network for any Windows devices that were vulnerable to WannaCry and attempt to infect them.
Keep in mind, the MitM attack is not a purely local phenomenon. It is possible, through spear phishing or other means, to get a user to install a profile that routes all of the user’s traffic through a VPN or proxy, where the attacker can inspect it and also attempt to decrypt it.
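A defensive check for the profile-based route described above, as an added example that is not from the original article: it parses a configuration profile and flags payloads that reroute traffic or add a trusted root certificate. It assumes an unsigned Apple .mobileconfig plist; the sample profile and every name in it are constructed.

```python
import plistlib
from xml.parsers.expat import ExpatError

# Apple configuration-profile payload types that can reroute or expose traffic.
RISKY = {
    "com.apple.vpn.managed": "VPN payload: traffic can be tunnelled to a remote server",
    "com.apple.proxy.http.global": "global HTTP proxy: web traffic goes through a proxy",
    "com.apple.security.root": "root CA certificate: allows TLS interception once trusted",
}
REROUTING = {"com.apple.vpn.managed", "com.apple.proxy.http.global"}

def audit_profile(data: bytes) -> list[str]:
    """Return findings for a profile supplied as an unsigned XML or binary plist."""
    try:
        profile = plistlib.loads(data)
        if not isinstance(profile, dict):
            raise plistlib.InvalidFileException()
    except (plistlib.InvalidFileException, ExpatError):
        # Signed profiles are wrapped in a CMS container and must be unwrapped first.
        return ["UNPARSED: not a plain plist (signed or corrupt); unwrap before review"]
    payloads = [p for p in profile.get("PayloadContent", []) if isinstance(p, dict)]
    seen = {p.get("PayloadType", "") for p in payloads}
    findings = [f"{t}: {RISKY[t]}" for t in sorted(seen) if t in RISKY]
    for p in payloads:
        # Wi-Fi payloads can carry a per-network proxy setting of their own.
        if p.get("PayloadType") == "com.apple.wifi.managed" and p.get("ProxyType", "None") != "None":
            findings.append(f"com.apple.wifi.managed: proxy set for SSID {p.get('SSID_STR')!r}")
    if seen & REROUTING and "com.apple.security.root" in seen:
        findings.append("HIGH: traffic rerouting combined with a new root CA (inspect and decrypt)")
    return findings

# Constructed sample: a profile bundling a VPN with a root certificate.
SAMPLE_PROFILE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadDisplayName": "Free Travel WiFi Setup",  # constructed name
    "PayloadContent": [
        {"PayloadType": "com.apple.vpn.managed", "VPNType": "IKEv2",
         "IKEv2": {"RemoteAddress": "vpn.example.invalid"}},
        {"PayloadType": "com.apple.security.root", "PayloadContent": b"constructed-der-bytes"},
    ],
})

if __name__ == "__main__":
    for finding in audit_profile(SAMPLE_PROFILE):
        print(finding)
```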
All of these attacks aim to collect more pieces of the puzzle needed to successfully infiltrate an organization. Doing so gains the attacker access to data and intellectual property, or, in the case of the military, information such as troop movements and plans.
My next article will describe how to best protect your mobile devices and your organization.