THE TOP 6 CYBER SECURITY THREATS TO IOS DEVICES The Top 6 Cyber Security Threats to iOS Devices | White Paper 4. WiFi Man in the Middle (MitM) A MitM attack occurs when the device connects to a rogue WiFi hotspot. Since all communications are passed through the attacker-controlled network device, they can eavesdrop and even alter the network’s communication. MitM attacks have always been a concern for wireless devices, however, the prevalence of smartphones in an individual’s personal and business life has made mobile devices much more attractive targets for this attack. Unfortunately, the typical alert and warning signs that individuals are used to seeing on PCs and laptops are much more subtle in their mobile counterparts. For example, the limited screen real-estate of mobile devices often hides URLs from the user, so they do not validate the URL the browser is pointing to is actually the intended one. ANTIVIRUS SOLUTIONS, WHICH RELY ON KNOWN ATTACK PATTERNS, ARE UNABLE TO PROVIDE PROTECTION FOR UNKNOWN ATTACKS. The best way to thwart these types of attacks is through the use of a VPN to encrypt and isolate the communications. Ideally the VPN would be triggered only when rogue hotspots and other risk factors are detected to maximize the user experience. 5. WebKit Vulnerabilities WebKits enable web browsers to render web pages correctly for a user. Attackers will exploit vulnerabilities in a Webkit to execute scripts of their own. Attackers commonly use them as a springboard for remote device infection. An example of a WebKit was the popular iOS4 jailbreaking technique, named JailbreakMe. It took advantage of flaws in the Safari browser to enable users to jailbreak their device when they visited a dedicated website. To prevent malicious WebKit exploits requires a solution that can identify suspicious behavior and correlate activity with events on the device and network and then stop any data being sent to the attacker. 6. Zero-Day Attacks Zero-day attacks represent exploits of vulnerabilities that have been uncovered – but not yet released. With vulnerability researchers earning purportedly $500K per vulnerability, the race towards exposure is in full throttle. Many times, these vulnerabilities lead to the silent installation of attacks, such as mRATs on a device through a remote exploitation technique. Once on the device, they may enable the attacker to steal passwords, corporate data and emails, as well as capture all keyboard activity (key logging) and screen information (screen scraping). They may also activate the microphone to listen in on conversations and meetings, or act as a botnet to steal contacts or text messages (SMS texts). AV solutions, which rely on known attack patterns to detect attacks, are unable to provide protection for unknown attacks. Organizations need a solution that can identify any suspicious behavior from an app, a device or the network to find and mitigate the impact of zero-day mobile exploits. ©2015 Check Point Software Technologies Ltd. All rights reserved. June 25, 2015 3 Please complete the form to gain access to this content Access Now Related Resources Network Boundaries Have Gone Mobile HOW MOBILE MALWARE COMPROMISES YOUR SECURE CONTAINERS AND ENTERPRISE CONTENT CHECK POINT SANDBLAST ZERO-DAY PROTECTION: THE BEST PROTECTION AT EVERY LEVEL DEMYSTIFYING MOBILE SECURITY ATTACKS THE TOP 4 CYBER SECURITY THREATS TO ANDROID MOBILE DEVICES 3 STEPS TO IMPLEMENTING AN EFFECTIVE BYOD MOBILE SECURITY STRATEGY EXPOSING THE UNKNOWN: HOW SANDBOXING TECHNOLOGY FIGHTS MODERN THREATS THREAT RESEARCH: TARGETED ATTACKS ON Enterprise ENTERPRISE MOBILE
The Top 6 Cyber Security Threats to iOS Devices | White Paper 4. WiFi Man in the Middle (MitM) A MitM attack occurs when the device connects to a rogue WiFi hotspot. Since all communications are passed through the attacker-controlled network device, they can eavesdrop and even alter the network’s communication. MitM attacks have always been a concern for wireless devices, however, the prevalence of smartphones in an individual’s personal and business life has made mobile devices much more attractive targets for this attack. Unfortunately, the typical alert and warning signs that individuals are used to seeing on PCs and laptops are much more subtle in their mobile counterparts. For example, the limited screen real-estate of mobile devices often hides URLs from the user, so they do not validate the URL the browser is pointing to is actually the intended one. ANTIVIRUS SOLUTIONS, WHICH RELY ON KNOWN ATTACK PATTERNS, ARE UNABLE TO PROVIDE PROTECTION FOR UNKNOWN ATTACKS. The best way to thwart these types of attacks is through the use of a VPN to encrypt and isolate the communications. Ideally the VPN would be triggered only when rogue hotspots and other risk factors are detected to maximize the user experience. 5. WebKit Vulnerabilities WebKits enable web browsers to render web pages correctly for a user. Attackers will exploit vulnerabilities in a Webkit to execute scripts of their own. Attackers commonly use them as a springboard for remote device infection. An example of a WebKit was the popular iOS4 jailbreaking technique, named JailbreakMe. It took advantage of flaws in the Safari browser to enable users to jailbreak their device when they visited a dedicated website. To prevent malicious WebKit exploits requires a solution that can identify suspicious behavior and correlate activity with events on the device and network and then stop any data being sent to the attacker. 6. Zero-Day Attacks Zero-day attacks represent exploits of vulnerabilities that have been uncovered – but not yet released. With vulnerability researchers earning purportedly $500K per vulnerability, the race towards exposure is in full throttle. Many times, these vulnerabilities lead to the silent installation of attacks, such as mRATs on a device through a remote exploitation technique. Once on the device, they may enable the attacker to steal passwords, corporate data and emails, as well as capture all keyboard activity (key logging) and screen information (screen scraping). They may also activate the microphone to listen in on conversations and meetings, or act as a botnet to steal contacts or text messages (SMS texts). AV solutions, which rely on known attack patterns to detect attacks, are unable to provide protection for unknown attacks. Organizations need a solution that can identify any suspicious behavior from an app, a device or the network to find and mitigate the impact of zero-day mobile exploits. ©2015 Check Point Software Technologies Ltd. All rights reserved. June 25, 2015 3
