Mike Murray, Vice President of Security Intelligence at Lookout, examined advanced persistent threats (APTs) and their impact on today’s organizations during his presentation to Argyle’s Chief Information Security Officer (CISO) membership at the 2017 Chief Information Security Officer Leadership Forum in Los Angeles on November 9. In his presentation, “Those APTs You’re So Worried About Are Mobile Too,” Murray explained why organizations need to allocate time and resources to safeguard employees’ smartphones and tablets against APTs.
According to Murray, the information security landscape continues to change. No longer can CISOs take a wait-and-see approach to malware, ransomware and other cyber threats. Instead, they must be proactive in identifying and resolving cyber-attacks before they escalate.
CISOs must also analyze new cybersecurity challenges, including a wide range of APTs. If CISOs can understand the root causes of cyber-attacks and the APTs behind them, they may be better equipped to minimize risk across their respective organizations.
“Security is moving really quickly, and security is evolving really fast,” Murray said. “We are seeing a sea change in the world that is moving security in a direction that no one is really aware of, and it’s a change that we all really need to think about.”
Many organizations are embracing mobile devices and enabling employees to perform day-to-day tasks remotely. Although these efforts help drive increased organizational productivity and efficiency, they may put organizations at greater risk.
“We have moved to a post-perimeter world,” Murray said. “With all these users on mobile devices, most users who sit on your office are not on your network.”
How a CISO approaches APTs and their impact on mobile device users could have long-lasting ramifications on an organization and its employees.
“The mobile device has gone from a part of a cyberattacker’s requirements to the part of the attacker’s requirements.”
CISOs who emphasize mobile security are better equipped to ensure all data is protected, regardless of where it is stored. Furthermore, he or she may be able to deploy an effective mobile security strategy, ensuring their organization is protected against various mobile dangers both now and in the future.
“We are used to finding APTs with a defense strategy…but if cyber-attackers are attacking a mobile device, you don’t have this strategy,” Murray pointed out.
No longer are hackers launching attacks against desktop computers. Cyber-criminals are targeting mobile users, and this trend is likely to continue for years to come.
As more organizations embrace state-of-the-art technologies like cloud computing, smartphones and tablets, more workers will use these technologies to store critical data. But Cyber-criminals understand how to penetrate mobile defenses and can use APTs to retrieve mobile device users’ sensitive information from any location, at any time.
“The mobile device has gone from a part of a cyber-attacker’s requirements to the part of the attacker’s requirements, because the attacker must compromise the mobile device to do anything of import within an environment,” Murray said.
There is no shortage of sensitive information stored on a smartphone or tablet, either. Hackers are likely to target mobile device users, as these cyber-criminals are able to quickly and effortlessly gain access to a wealth of critical information.
“We put access to our entire world on our [mobile devices],” Murray stated. “A mobile device gives you access to an entire user’s world … and you carry it around voluntarily into every single meeting.”
Cyberattacks are complex, but CISOs who understand the root causes of these attacks can boost the likelihood of identifying and addressing them.
“Security is moving really quickly, and security is evolving really fast.”
For example, many mobile attacks leverage social engineering techniques and require an end user to perform activities to download malicious attachments or files. If CISOs educate employees about social engineering techniques, how they work and the dangers associated with downloading malicious attachments or files, they can limit the risk of data breaches.
“The nice thing about mobile [attacks] is that they always look the same. [These attacks] always start with a social engineering message,” Murray noted.
CISOs must constantly search for ways to improve their respective organizations’ mobile security strategies.
New technologies may make it easy for employees to secure data and access it without delay. On the other hand, these technologies must be supported by security protocols and systems to ensure optimal effectiveness. And if CISOs frequently search for ways to protect mobile users, he or she can safeguard an organization’s sensitive data on all devices, at all times.
“We have all these controls built up to catch intrusions in [the PC space]. Unfortunately, cyber-attackers have moved into the mobile space … because the mobile device is such a beautifully fertile target,” Murray indicated. “If you’re not looking for cyber-attackers [on mobile], that’s where they are.”
Mike Murray is the VP of Security Intelligence at Lookout. For nearly two decades, Mike has focused on high-end security research, first as a researcher and penetration tester and then building and leading teams of highly skilled security professionals. He previously lead Product Development Security at GE Healthcare, where he built a global team to secure the Healthcare Internet of Things. Prior to that, he co-founded The Hacker Academy and MAD Security, and has held leadership positions at companies including nCircle Network Security, Liberty Mutual Insurance and Neohapsis.