Almost every week, we hear of a new, scary mobile threat. The unstated implication in most cases is that this could happen to you. Furthermore, mobile malware is equated in many people’s minds with attacks against Windows computers and data center servers where a company-wide breach is a likely outcome. While that’s unlikely to be the case with mobile malware, we’re invariably drawn into deeper and more detailed analysis of mobile components and concepts as we try to determine how to make enterprises safe from each new mobile malware threat.
As we dig deeper into mobile threats, are we failing to see the big picture? Are there times when the cyber equivalent of a telescope should be used to complement all the great mobile security research that takes place under a microscope?
At Appthority, we’ve focused for years not only on malware and device vulnerabilities, but also on how enterprise data is handled and protected. We’ve found, for example, that enterprises care deeply about whether their mobile apps send data to China or Russia. We’ve discovered that most iOS apps don’t encrypt the data they send to backend servers—only 3% were fully ATS compliant as of the end of 2016. And we continue to find vulnerabilities in the mobile ecosystem where enterprise data is put at risk.
Most mobile devices leak data in one way or another, and many apps in enterprise environments handle data that’s sensitive or proprietary to corporations. Malware, developed with malicious intent, can leak all data on a device if the OS is compromised, including personal information, call and SMS logs, email and browsing history, and more. But legitimate public store apps can also leak PII, credentials that apply to enterprise resources, location, contacts, and shared documents. Even if the leakage was accidental or was in support of the data collection done by ad networks, it can still compromise an enterprise if the server on which it’s stored gets breached.
Legitimate public store apps can also leak PII, credentials that apply to enterprise resources, location, contacts, and shared documents.
Appthority’s focus includes the security of the mobile device, platform vulnerabilities, against malware, network attacks, risky apps—and the cloud resources used for computation and storage. This led us to discover risks associated with platform services not visible to mobile app users, such as from Uber. More recently we found 43 terabytes of exposed data on over 21,000 backend servers (some of which was ransomed) in a threat we dubbed HospitalGown.
Soon we’ll be publishing our findings on a new threat to enterprise data that showcases how a developer error is creating a massive exposure of enterprise data. Stay tuned for our upcoming Mobile Threat Report with this exclusive Appthority research finding.