Join other Information Security Professionals and Subscribe

to receive monthly insights on securely enabling business transformation

Bridgeway Insights

What can we learn from the WhatsApp attack?

What can we learn from the WhatsApp attack?

Posted by Lisa Higgins 15 May 2019

It's becoming increasingly common to use WhatsApp for work. This popular app once used solely for social messaging between friends,  is now showing up more often in the workplace. We've even seen reports that at G8 conferences, teams of negotiators use WhatsApp for realtime collaboration with colleagues and even sending tentative proposals between teams.

Both the common usage of the app and the sensitivity of the data combine to make it a potentially dangerous threat. So when WhatsApp this week revealed a number of the app's accounts were attacked by "an advanced cyber actor," panic spread across the globe from users of the extremely popular messaging platform. Luckily this seems to have been a spear phishing attack against selected targets, rather than a wider attack, but the risks are now widely recognised. 

AdobeStock_177973656

Hackers were able to remotely install surveillance software in the attack that was first discovered earlier this month. The news has sent shockwaves across the world as WhatsApp's most favourable feature is it's private end-to-end encryption, meaning messages should only appear on the sender or recipient's device. The surveillance software used in the recent hack would have allowed the attacker to read the target's messages.

On Monday, WhatsApp suggested its 1.5 billion users manually update the app after rolling out a fix to help protect devices from cyber attacks. But this is simply not enough to prevent further attacks of this kind. And now WhatsApp, previously considered as one of the safest apps from cybercrime, has been hacked - it is a real sign that cyber threats are only getting more and more comprehensive and the situation is becoming out of control. WhatsApp is the #1 business app after email - perhaps it's time to think about the security implications of this?

Previously there has been a perception that mobile devices are secure. But this is not accurate to data collected. A recent study by Verizon found more than 33% of businesses had a compromise involving a mobile device in 2018. The data points to a significant uptick versus 2017, in which 27% of respondents had said a mobile device was involved.

The reason for this is cited as businesses “compromising mobile security to get the job done.” The reality is that most organisations have not prioritised security for mobile devices, because they perceive them to be secure.

AdobeStock_68537394

Many security professionals think phishing or social engineering are the only real threat in the mobile space. Given that app stores are relatively well patrolled the belief is applications being installed don’t have malware. But even apps from the controlled iOS and Android stores slip through with malware. And the risk is growing higher given the number of apps is in the billions.

Malware isn’t the only vector threat actors can exploit as mobile devices present other targets, such as rogue access points, jailbroken phones, and outdated OS version on older phones.

What does that mean for my business?

The biggest lesson from this is, if Mobile Threat Defence has not been on your radar, it should be now. To keep your enterprise secure today you need to recruit and integrate a whole new class of threat intelligence.

Mobile Threat Defence management (MTD) is the protection, detection, analysis, and remediation of mobile device-based threats from a device, network, and app perspective. As mobile security and governance frameworks mature, MTD software tools include detection of malicious activities on mobile devices, such as apps, malware, or configuration settings. The technology can also include the ability to protect apps from attacks as well as to detect insecure or risky network connections.

DaveChen_Blog1

What can I do now?

At Bridgeway we suggest the following course of action:

  1. Define a comprehensive mobile security policy;
  2. Determine how many mobile devices are connecting to your corporate network;
  3. Identify data at risk from storage or transaction on mobile devices; and
  4. Consider implementing a mobile threat defense solution (mobile endpoint protection) for your users, especially those that BYOD.

For more information on securing your mobile enterprise download The Securing Mobile Risk report.

To find out more about the right MTD solution for your business, get in touch with one of our experts who can show you how to bring active monitoring and robust cybercrime protection to your organisation before the next attacker strikes.

Contact us through live chat, call 01223 979 090 or email us at info@bridgeway.co.uk

 

Tags
Mobility