SERIOUS THREAT OR FUD MACHINE? THE MOBILE SECURITY DEBATE Daniel V. Hoffman CISSP, CHFI, CEH

DESCRIPTION

Presentation by Dan Hoffman (Juniper's Chief Mobile Security Evangelist) at the B-Sides mini-conference at RSA 2012 in San Francisco. You can view the video of this presentation here: http://www.brighttalk.com/channel/7651

Page 1: Serious Threat or FUD Machine? The Mobile Security Debate

SERIOUS THREAT OR FUD MACHINE?

THE MOBILE SECURITY DEBATE

Daniel V. Hoffman, CISSP, CHFI, CEH

Page 2: Serious Threat or FUD Machine? The Mobile Security Debate

2 Copyright © 2012 Juniper Networks, Inc. www.juniper.net

MOBILE THREATS

FEAR, UNCERTAINTY, DOUBT … AND CHARLATANS!

“If you work for a company selling virus protection for Android, RIM or iOS, you should be ashamed of yourself.”

“If you read a report from a vendor that tries to sell you something based on protecting Android, RIM or iOS from viruses, they are also likely as not to be scammers and charlatans.”

Page 3: Serious Threat or FUD Machine? The Mobile Security Debate

JUST THE FACTS

Data obtained from:

Mobile operating system application stores

Third-party application stores around the world

Known website repositories of malicious applications

Known hacker websites and repositories

Application samples submitted by customers

Application samples submitted by partners

Applications identified “zero day” as malicious by Junos® Pulse Mobile Security Suite

Page 4: Serious Threat or FUD Machine? The Mobile Security Debate

JUNOS PULSE MOBILE THREAT CENTER

Worldwide 24/7 Team of Leading Security Experts

Former Marine Computer Emergency Response Center Leadership and U.S. Coast Guard Telecommunication Specialists

Numerous PhDs

Certified Information Systems Security Professionals (CISSP), Certified Ethical Hackers (CEH), Certified Hacking Forensic Investigators (CHFI) and Certified Wireless Network Administrator (CWNA)

Team Members in Ohio, California, Florida, Massachusetts, England, Sweden, India, Japan, etc.

Authors: “Blackjacking: Security Threats to BlackBerry Devices, PDAs, and Cell Phones in the Enterprise” and “Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control”

Page 5: Serious Threat or FUD Machine? The Mobile Security Debate

Copyright 2008 SMobile Systems

Mobile Security Threat Environment

MOBILE SECURITY – WHAT ARE THE THREATS?

Malware – Viruses, Worms, Trojans, Spyware

Direct Attack – Attacking device interfaces, Network DoS, Malicious SMS

Loss and Theft – Accessing sensitive data

Data Communication Interception – Sniffing data as it is transmitted and received

Exploitation and Misconduct – Online predators, pornography, inappropriate communications, data leakage

Page 6: Serious Threat or FUD Machine? The Mobile Security Debate

JUNIPER MOBILE THREAT REPORT

TOTAL MOBILE MALWARE SAMPLES ACROSS ALL OPERATING SYSTEMS

Page 7: Serious Threat or FUD Machine? The Mobile Security Debate

AMOUNT OF MALWARE SAMPLES DISCLOSED PER VENDOR

Page 8: Serious Threat or FUD Machine? The Mobile Security Debate

AMOUNT OF ANDROID MALWARE SAMPLES DISCLOSED PER VENDOR

Page 9: Serious Threat or FUD Machine? The Mobile Security Debate

JUNIPER MOBILE THREAT REPORT

UNIQUE MOBILE MALWARE SAMPLES DETECTED BY OPERATING SYSTEM

Page 10: Serious Threat or FUD Machine? The Mobile Security Debate

JUNIPER MOBILE THREAT REPORT

TYPES OF MALWARE TARGETING MOBILE DEVICES

FAKE INSTALLER VS. ALL OTHER ANDROID MALWARE

Page 11: Serious Threat or FUD Machine? The Mobile Security Debate

CUMULATIVE ANDROID MALWARE INCREASE

MARKET SHARE OF SMARTPHONE SUBSCRIBERS BY PLATFORM

JUNIPER MOBILE THREAT REPORT

Page 12: Serious Threat or FUD Machine? The Mobile Security Debate

JUNIPER MOBILE THREAT REPORT

2011 NOTABLE EVENTS

Page 13: Serious Threat or FUD Machine? The Mobile Security Debate

WHAT IS A FAKE INSTALLER?

Page 14: Serious Threat or FUD Machine? The Mobile Security Debate

JUNIPER MOBILE THREAT REPORT

REMOTE DEVICE MANAGEMENT: INCIDENCE OF CAPABILITIES USED

Page 15: Serious Threat or FUD Machine? The Mobile Security Debate

JUNIPER MOBILE THREAT REPORT – WI-FI SNIFFING

Page 16: Serious Threat or FUD Machine? The Mobile Security Debate

GOOGLE "BOUNCER" ANDROID MARKET SCANNING

Google’s standard for what is considered malicious is considerably lower than ours

A very large growth area we’ve seen in malware is around Fake Installers

Another key area of malware is around SMS Trojans 

Google is only scanning the Android Market; the dramatic growth of malware we are noting is taking place outside of the Android Market and in third-party application stores

Juniper’s holistic approach analyzes protection against the full range of mobile security threats

Page 17: Serious Threat or FUD Machine? The Mobile Security Debate

PROTECTING AGAINST A MOBILE ATTACK

[Diagram labels: ‘DroidDream’ zero-day at the handset; RAN; CARRIER NETWORK (SRX/IDS/IPS); LAN; ENTERPRISE NETWORK (NAC (Network Access Control) at Juniper SAs)]

1 On-device Zero Day Protection stops malware on the device

2 IDS signatures detect malicious network traffic on network

3 NAC (Network Access Control) at Juniper SAs to deny insecure devices access to network resources

4 Shared Threat knowledge enables firewall rules to block network traffic destined for spyware server.

Page 18: Serious Threat or FUD Machine? The Mobile Security Debate

QUESTIONS FOR THE AUDIENCE

Do you have mobile security software installed on your device?

Has your company suffered a mobile security incident?

Does your company have an official security policy for mobile devices?
