Other than increasing attack vectors, malware and Trojans today have the capability to steal login credentials via mobile banking applications to access funds in banks and other financial services institutions. cybercriminals can simply create a mobile application that looks similar to a banking application, and use spear-phishing to steal login credentials. Some malware, like Dyre or Dyreza, directly target corporate banking accounts and have successfully stolen upwards of a million dollars from unsuspecting companies.
Layered defence, proactivity and strong mobile policies
With insider threat accounting for majority of breaches in the first half of 2015, it is more pertinent than ever that organisations keep pace with today's fast-moving cybercriminals. They should implement necessary measures to secure their Internet-facing applications. This should be at the top of their priority list, as that is a natural channel for cybercriminals, who are always looking for opportunities to infiltrate a network. Importantly, jail-breaking devices should also be discouraged, as this presents to cybercriminals a means to embed malware via unauthenticated mobile apps to access networks.
Firstly, an in-depth defence strategy, along with the use of the right technologies, is an imperative. One common misconception is that using technology like a firewall is sufficient to protect an organisation's networks but this no longer holds true today. Organisations must look at other technologies, such as web application firewalls. Such web attacks are often tuned and created for a particular application, and are missed by traditional security measures.
Even though remediation — fixing things after a breach — plays its role, it pays even more to be proactive in securing your networks. A remediation scenario is reactive in nature and the forensic team traces back the cause of the breach, provides a report, and remediate after the incident. On the other hand, proactively securing your organisation may not catch 100 percent of all attacks but still, this is far better than not having any shield to at least ward off most attacks.
Lastly, there is also a need to fight against complacency and shed the "it won't happen to me" attitude, where they see their neighbours getting attacked and think it won't happen to them.
Organisations should establish mobile device security policies that define guidelines, principles, and practices on how mobile devices are treated, regardless of whether they are issued by the company or owned by individuals. These policies should cover areas such as roles and responsibilities, infrastructure security, device security, and security assessments.
By establishing security policies, organisations can create a framework for applying practices, tools, and training to help support the security of corporate networks. Training employees to keep them informed and up-to-date on its mobile security policies can also help the organisation ensure that mobile devices are configured, operated, and used securely and appropriately.