2016 has been a fully packed year for mobile security, with the first major public exposure of sophisticated state-sponsored cyber espionage, and the evolution of mobile spyware technology for corporate espionage. So what will 2017 have to offer enterprise mobile security?
Predictably, 2017 is expected to bring even more sophisticated hacks, against bigger targets, with greater impact. Yet there is also reason for optimism, as IT security experts embrace the modern diversified mobile security strategy, and classic operating systems continue to evolve to adopt mobile OS architecture strategies. Here are the bad and good things we can expect from enterprise mobile security for 2017:
- Mobile attacks will grow in sophistication and impact We are seeing a trend of elevated sophistication and impact of attacks against mobile devices, which we expect to continue in full force in the coming 12 months. Attackers will continue using malware and network-based attacks to steal sensitive data and identities, and will tailor their attacks to take advantage of what mobile devices have to offer: change the way apps behave, steal the data & credentials they store and monitor the victim through the camera, microphone and GPS. Specifically, we expect attackers to further enhance the depth and sophistication of compromise. Attackers will not only root or jailbreak mobile devices as part of their attacks, they will also put more focus on hiding their attacks from naive jailbreak and rooting detections. This will allow their attacks to operate longer on victim devices and use the compromised operating systems to gain deep insight into the digital lifecycle of their victims.
The Pegasus spyware tool, which was uncovered earlier this year, is a clear indicator that hackers are stepping up their efforts to find useful weaknesses in mobile operating systems. There are undoubtedly other malicious tools that have been in the wild for a while, yet have not become public knowledge, but hackers are likely emboldened that the iOS operating system is still very hackable and efforts will increase going forward. These nation-level attacks, which have been around for years now, are likely to become more available and may increasingly be used against corporate targets going forward.
- Mobile corporate espionage will become more commonSimilar to the more sophisticated spyware mentioned above, simpler and less expensive tools have been growing in popularity for spying on key corporate executives. Although corporate espionage has been around as long as there have been corporations, hacking mobile devices has a number of advantages over hacking desktops, corporate servers, and datacenters. First, without proper defenses, they can be easier to compromise, combining social engineering attacks with innumerable network, malware and vulnerability exploits. Second, smartphones are always on and always with key targets, so a successful mobile hack can provide unprecedented 24/7 access to a person’s location, private conversations and communications, and even video surveillance that will never be possible with traditional computing devices.
One of our own customers encountered the Exaspy spyware earlier this year, one of a class of tools that has become frighteningly available to the masses, so that corporate espionage no longer requires hacking expertise. We expect this trend to continue, and even accelerate in popularity through 2017.
- Hackers will target the mobile security solutions for attackAn evolving strategy heading into 2017 is for mobile hackers to attack the security solution itself, either to circumvent it or disable it, allowing the primary hack to proceed either undetected or unstopped. Many mobile security solutions provide detection-only or rely on 3rd party systems to mitigate threats. These approaches are easy to defeat. We are seeing a strong trend of defeating remediation strategies and foresee this attacking-pattern to grow rapidly. Providing visibility to attacks is great, but will not be enough in 2017.
Since such an exploit can happen instantly, proactive, automated protection that happens in real time is critical, as human response to notifications will not be fast enough. This strategy of attacking the security solution may take place through malware or network threats, so solutions must be both comprehensive and responsive.
- Exploitation of operating system security flaws will growAlmost every mobile OS update includes new security patches, often described in sufficient detail for hackers to create new exploits against the vulnerability. There is a “window of vulnerability” between the disclosure of the vulnerability and the updating of the mobile device where hackers may enjoy open season. While Apple devices tend to be updated to the latest OS versions fairly quickly, Android suffers severe fragmentation (due to the reliance on device model, manufacturer, carrier, etc.) that can extend this window of vulnerability to 6 months or more for certain devices.
In 2017, hackers will increasingly take advantage of the opportunity, and it will be critical for users and organizations to have visibility into exactly when patches are available and be sure to minimize this exposure. Android vulnerability risk, in particular, may be reduced significantly with accurate visibility of OS upgradability.
- More organizations will adopt a diversified mobile security strategyIT security admins have become increasingly aware that neither traditional security methods, nor MDM or MAM alone, are effective at addressing the varied and advanced threats to mobile security. While awareness always grows ahead of the availability of budgets, in 2017 more organizations will use this knowledge to influence IT budgets and adopt a proper diversified strategy going forward.Early adopters have discovered that a combination of solutions works best to tackle the threats against mobile devices. EMM solutions handle the deployment, policy control and productivity elements of enterprise mobility, while Mobile Threat Defense solutions detect and protect in real time against the active threats against devices in use.
In a recent report, Gartner recommends that enterprises should “Evaluate and implement MTD solutions to strengthen their mobile security posture as a complement to EMM.” Only with this combined approach can organizations effectively manage the risk of employing mobile devices in business, whether they are BYOD, corporate owned, or multi-user.
- Classic operating systems will adopt mobile OS architectureThis last item will extend well beyond 2017, but in the coming year we will see a notable influence of mobile operating system strategies on traditional devices. This will happen both because the style of use is evolving more toward mobile or combination interaction, and also because of the inherent security advantages. Mobile operating systems, in particular Apple’s iOS, employ strict sandboxing of apps, limited API access to system functions and rigid control over app stores, that enhances security and raises the bar for malicious hackers.
As a result of this trend, we believe that security solutions that are built with mobile OS architecture restrictions in mind (privacy conscious, adhering to Google & Apple guidelines, built for app-sandboxing models) will keep on growing in importance and impact on the market, which is why Skycure has taken this path.
We foresee the mobile security market to keep gearing up, both from the attackers and defenders perspective. The challenges facing enterprises who rely on mobile productivity will continue to grow and the likelihood of mobile breaches may continue to climb as hackers focus more and more on these devices that are so excellent for espionage.
Yet there is reason for optimism. We see businesses coming to terms with what is required to secure mobile devices, and will be in a better position to adopt these effective strategies.
Watch the live webinar on January 12, 2017, where I will present a wrap-up of 2016 and discuss all of the 2017 predictions in great detail. REGISTER NOW