Upload
juniper-networks
View
3.429
Download
0
Embed Size (px)
DESCRIPTION
Presentation from Dan Hoffman (Juniper's Chief Mobile Security Evangelist) from the B-Sides mini-conference at RSA 2012 in San Francisco. You can view the video of this presentation here: http://www.brighttalk.com/channel/7651
Citation preview
SERIOUS THREAT OR FUD MACHINE?
THE MOBILE SECURITY DEBATE
Daniel V. HoffmanCISSP, CHFI, CEH
2 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
MOBILE THREATSFEAR, UNCERTAINTY, DOUBT … AND CHARLATANS!
“ IF you work for a company selling virus protection for android, rim or IOS, you should be ashamed of yourself.”
“ If you read a report from a vendor that tries to sell you something based on protecting android, rim or ios from viruses, they are also likely as not to be scammers and charlatans.”
3 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
JUST THE FACTS
Mobile operating system application stores
Third-party application stores around the world
Known website repositories of malicious applications
Known hacker websites and repositories
Application samples submitted by customers
Application samples submitted by partners
Applications identified “zero day” as malicious by Junos® Pulse Mobile Security Suite
Data obtained from:
4 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
JUNOS PULSE MOBILE THREAT CENTER Worldwide 24/7 Team of Leading Security Experts
Former Marine Computer Emergency Response Center Leadership and U.S. Coast Guard Telecommunication Specialists
Numerous PhDs Certified Information Systems Security Professionals
(CISSP) Certified Ethical Hackers (CEH),Certified Hacking
Forensic Investigators (CHFI) and Certified Wireless Network Administrator (CWNA)
Team Members in Ohio, California, Florida, Massachusetts, England, Sweden, India, Japan, etc.
Authors: “Blackjacking: Security Threats to BlackBerry Devices, PDAs, and Cell Phones in the Enterprise” and “Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control”
5 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Copyright 2008 SMobile SystemsPage 5
Mobile Security Threat Environment
MOBILE SECURITY – WHAT ARE THE THREATS?
Malware – Viruses, Worms, Trojans, SpywareMalware – Viruses, Worms, Trojans, Spyware
Direct Attack – Attacking device interfaces, Network DoS, Malicious SMSDirect Attack – Attacking device interfaces, Network DoS, Malicious SMS
Loss and Theft – Accessing sensitive dataLoss and Theft – Accessing sensitive data
Data Communication Interception – Sniffing data as it is transmitted and receivedData Communication Interception – Sniffing data as it is transmitted and received
Exploitation and Misconduct – Online predators, pornography, inappropriate communications, data leakage
Exploitation and Misconduct – Online predators, pornography, inappropriate communications, data leakage
6 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
JUNIPER MOBILE THREAT REPORT
TOTAL MOBILE MALWARE SAMPLES ACROSS ALL OPERATING SYSTEMS
7 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
AMOUNT OF MALWARE SAMPLES DISCLOSED PER VENDOR
8 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
AMOUNT OF ANDROID MALWARE SAMPLES DISCLOSED PER VENDOR
9 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
JUNIPER MOBILE THREAT REPORT
UNIQUE MOBILE MALWARE SAMPLES DETECTED BY OPERATING SYSTEM
10 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
JUNIPER MOBILE THREAT REPORT
TYPES OF MALWARE TARGETING MOBILE DEVICES
FAKE INSTALLER VS. ALL OTHER ANDROID MALWARE
11 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
CUMULATIVE ANDROID MALWARE INCREASE
MARKET SHARE OF SMARTPHONE SUBSCRIBERS BY PLATFORM
JUNIPER MOBILE THREAT REPORT
12 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
JUNIPER MOBILE THREAT REPORT2011 NOTABLE EVENTS
13 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
WHAT IS A FAKE INSTALLER?
14 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
JUNIPER MOBILE THREAT REPORT
REMOTE DEVICE MANAGEMENT: INCIDENCE OF CAPABILITIES USED
15 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
JUNIPER MOBILE THREAT REPORT – WI-FI SNIFFING
16 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
GOOGLE "BOUNCER" ANDROID MARKET SCANNING
Google’s standard for what is considered malicious is considerably lower than ours
A very large growth area we’ve seen in malware is around Fake Installers
Another key area of malware is around SMS Trojans
Google is only scanning the Android Market; the dramatic growth of malware we are noting is taking place outside of the Android Market and in third-party application stores
Juniper’s holistic approach analyzes protection to the full range of mobile security threats
17 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
CARRIER NETWORK
SRX/IDS/IPS
CARRIER NETWORK
SRX/IDS/IPS
LAN
ENTERPRISE NETWORK
NAC (Network Access Control) at Juniper SAs
ENTERPRISE NETWORK
NAC (Network Access Control) at Juniper SAs
1 On-device Zero Day Protection stops malware on the device2 IDS signatures detect malicious network traffic on network3 NAC (Network Access Control) at Juniper SAs to deny insecure devices access to network resources4 Shared Threat knowledge enables firewall rules to block network traffic destined for spyware server.
‘DroidDreamZero-day at the
handset
‘DroidDreamZero-day at the
handset
RAN
PROTECTING AGAINST A MOBILE ATTACK
18 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Do you have mobile security software installed on your device?Do you have mobile security software installed on your device?
Has your company suffered a mobile security incident?Has your company suffered a mobile security incident?
Does your company have an official security policy for mobile devices?Does your company have an official security policy for mobile devices?
QUESTIONS FOR THE AUDIENCE