Mobile Security & Analytics: What Works and What Doesnt

Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 1 Hadi Nahari, Chief Security Architect, NVIDIA Varun Kohli, Vice President, Skycure

September, 2015

MOBILE SECURITY & ANALYTICS: WHAT WORKS & WHAT DOESN'T

Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 2

Meet$Your$Speakers$

Hadi$Nahari$Chief$Security$Architect,$$

Mobile$and$So<ware$Pla?orms$NVIDIA$

Varun$Kohli$VP$of$MarkeEng$

Skycure$


Quick$Housekeeping$

• Q&A$panel$is$available$if$you$have$any$quesEons$•  There$will$be$Eme$for$Q&A$at$the$end$$• We$are$recording$this$webinar$for$future$viewing$•  All$aMendees$will$receive$a$copy$of$slides/recording$

Join$the$discussion$using$#mobilethreatdefense$hashtag$on$TwiMer$$

Security:'Easy'to'Get'Wrong'

COPYRIGHT'2015,'Hadi'Nahari'2'

















>3,000,000,000,000'''threats'annually''''

''''''''''''''''''50%' 25%'25%'

legacy'threats'

blocked'

advanced'threats'

'''detected''''''''undetected'

1.6'B''number'of'records'lost'globally'in'2014'

$236'M'recovery'cost'of'Target'breach'(so'far)'

$110$BN$annual'price'tag'

of'cybercrime'

(avg.'$27.3'loss'per'incident)'

15'B'connected'devices'in'2015'

General'Threat'Landscape'

11'COPYRIGHT'2015,'Hadi'Nahari'

Mo2va2on'

•  More'connected'devices'!'more'value'!'added'risk'

•  Security'posture'hasn’t'magically'just'improved'

–  In'many'cases'in'fact'it'has'regressed'

•  Heterogeneous'security'paradigms'

– Device_end'data'is'processed'out'of'band'– Dubious'infrastructure'security'posture'


Increasing'Complexity'

13'

•  Space'Shuale:'~400K'LOC'

COPYRIGHT'2015,'Hadi'Nahari'


14'

•  F22'Raptor'fighter:'~2M'LOC'



15'

•  Linux'kernel'2.2:'~2.5M'LOC'



16'

•  Hubble'telescope:'~3M'LOC'



17'

•  Android'core:'~12M'LOC'



18'

•  Future'Combat'Sys.:'~63M'LOC'



19'

•  Connected'car:'~100M'LOC'



20'

•  Autonomous'vehicle:'~300M'LOC'


Internet'of'Things'(IoT)'

21'

•  Controllers,'processors,'CPUs.'No'standard'comm.'



22'

''

'

•  ~standard'comm.'stack(s):'s2ll'a''

mix'(WiFi,'BT,'NFC,'ZigBee,'etc.)'



23'

''

'

'

'

•  Apps'and'ecosystem'



24'

'

'

•  Transi2on'to'services'



25'

•  Scaled_up'connec2on'!'mass'data'genera2on'


Connected'Vehicle'

26'

•  Basic'connec2vity'


Connected'Vehicle'

27'

•  Autonomous'driving'

(connec2vity!'+data)'


Connected'Vehicle'

28'

•  V2V(++data)'


Connected'Vehicle'

29'

•  V2I'(+++data)'


Connected'Vehicle'

•  Can'they'be'hacked?'


Connected'Vehicle'

•  Concept'hacks'


Connected'Vehicle'

•  Drivetrain'exploits'


Connected'Vehicle'

•  No2ce'the'speed'and'gear''posi2on??'


Connected'Vehicle'

•  Infrastructure'!'VPN'to'backend'

!'1_N'exploits'


35'

Big'Data'&'Infrastructure'


“Big'Data'is'like'teenage'sex:'

''everyone'talks'about'it,'

''nobody'really'knows'how'to'do'it,'

''everyone'thinks'everyone'else'is'doing'it,'

''so'everyone'claims'they'are'doing'it…”'

' ' '–Dan%Ariely,%Duke%University%%

36'


•  More'connec2vity''

!'more'data''


37'


'

''

•  It’s'not'just'the'size'


38'


•  Analy2cs'


39'


•  Privacy'concerns,''scalable'hacking'


40'


•  “…your'call'maybe'monitored''

'''''for'quality'purposes…”'


“On%the%Internet,%nobody%knows%you’re%a%dog.”%–Peter%Steiner%

41'

Pre'IoT/Big'Data'

42'

service provider (SP)

hi, I’m Eva! (eva, password123*)

is there a match? (eva, password123)

! match: issue a token ! no match: deny access

(if match, respond:) “hi Eva! here’s your token:”

… observations

(eva, password123)

×


IoT'/'Big'Data'Era'

43'

service provider

123456 password 12345678

qwerty abc123

(on avg. only five passwords per 40 online accounts per user)

Where to store token(s)???


Result'

44'

''

%

%some%noteworthy%breaches%since%this%report%was%released%


Ac2ons'•  IDENTIFY'the'security%assets'in'your'system'

–  Anything'that'would'be'of'any'value'to'hackers''•  DEVISE'aaacks'

–  Think'like'a'hacker'–  Think'of'ways'to'obtain'illegal'access'to'security'assets'

•  PRIORITIZE$–  Assign'levels'(e.g.'1_5)'to'aaacks'and'assets'–  High_priority'asset'suscep2ble'to'easy'aaack'gets'higher'priority'

•  PROTECT$–  Think'of'making'hackers’'life'difficult'

–  Consult'with'security'professionals'•  ITERATE$

–  Hackers'learn'(and'they’re'good'at'it.)'Security'is'always'work_in_progress'



Ac#ons'(Cont.)'

1.  IDENTIFY the security assets in your system – Anything that would be of any value to hackers

2.  DEVISE attacks – Think like a hacker – Think of ways to obtain illegal access to security assets

3.  PRIORITIZE – Assign levels (e.g.1-5) to attacks and assets – High-priority asset susceptible to easy attack gets higher priority

4.  PROTECT – Think of making hackers’ life difficult – Consult with security professionals

5.  ITERATE – Hackers learn (and they’re good at it.) Security is always work-in-progress


1.'Iden#fy'

•  Assets + Attacks •  How many mobile device in your org

experienced a threat in the last month? - What types of threats? - Where did they come from? - Who was attacked the most? - What was the impact?


2.'Devise'A7acks'

•  Have you been breached?

92% of users click on “Continue” compromising their Exchange identity (username and password)

Continue 92%

Cancel 8%

Source:'Skycure'Threat'Intelligence'


3.'Priori#ze'


4.'Protect'F>'Proac#vely'Protect'

“Waze” of Mobile Security

•  “How do you know if the network you connect to is real or fake?”

•  “What about the app you just

downloaded? Free? Repackaged? Malicious?


5.'Iterate'


Skycure'–'Solu#on'Overview'

•  Policy creation and enforcement •  Reporting and compliance •  Flexible deployment •  Enterprise integrations

•  24x7 detection and protection •  Network, device and app analysis •  Seamless experience •  Multi platform – iOS & Android

Employee IT Team

Mobile Threat Intelligence •  Millions of tests per month •  500K+ networks and apps analyzed •  Zero-day threats •  Predictive Security


h7ps://maps.skycure.com'

RealFTime'Threat'Intelligence'100K+'Global'Threats'Iden#fied'in'2014'


Public'Apps'&'Cloud'Service'


Summary'

•  Mobile/IOT is a low hanging fruit for attackers •  Mobile security threat landscape

-  Physical, Network, Malware, Vulnerabilities

•  Recommendations -  Focus on visibility as a

baseline to security -  Be proactive. Reactive is often

too little too late -  Security solutions for

personal and business needs


Next'Steps'

Request a FREE 30 Day Trial!

[email protected], Phone: 1-800-650-4821

https://www.skycure.com/trial

https://blog.skycure.com

@hadinahari, @SkycureSecurity, @vk_is

https://www.linkedin.com/company/skycure