Is it safe to go mobile? New security threats keep your IT team up at night.

The classic 1978 film, Jaws 2, leveraged one of the most famous movie taglines ever: “Just when you thought it was safe to go back in the water…” In the movie trailer, fictional Police Chief Brody famously states, “I think we may have another shark problem.”

How does a decades-old film relate to the concerns of today’s IT managers? Because, just when IT managers began to confidently address many of their Web-based and network-related vulnerabilities, along came a new and complex threat variant designed to feast on their valuable organizational data and keep them up at night: mobile malware. Now, let’s explore significant risks posed by mobile threats, and offer practical solutions to address the risks they pose.

Mobile Threat Landscape

Not so long ago, predictions stated that smartphones and tablets weren’t particularly susceptible to malware and hacking. That hasn’t proven to be the case. Instead, organizations’ growing use of mobile technology has been accompanied by an explosion of malware growth. Case in point: Published reports have indicated that malware aimed at mobile platforms grew 614 percent in the one-year period ending March 2013, nearly 450 percent faster than in the year before.

With the pronounced growth in mobile malware, mobile vulnerabilities currently represent 4 percent of total vulnerability disclosures, up from less than 1 percent in 2009, according to the IBM X-Force 2013 Mid-Year Trend and Risk Report.

In late 2013, IBM partner Arxan Technologies identified and reviewed hacked versions of top iOS and Android apps from third-party sites outside of official Apple and Google app stores. They also reviewed 15 highly-popular free apps for iOS and the same 15 free apps for Android. In addition, 40 popular financial apps were reviewed, with a breakdown of 20 per platform. Arxan’s sample size totaled 230 apps.

To give you a sense of the pervasive nature of mobile risk, Arxan’s research determined that amongst the top 100 paid applications:

  • 56% of apps on Apple iOS had been hacked

Amongst popular free applications:

  • 73% on Android had been hacked
  • 53% on Apple iOS had been hacked

Safeguarding Your Organization Against Mobile Threats

How do you balance the increased productivity and flexibility offered by mobile technology against growing security risks associated with mobile’s widespread usage? And, how do you manage the myriad of new security threats that are emerging in the marketplace? In 2012, IBM predicted that mobile computing devices were driving security controls and technology that hadn’t previously existed for traditional endpoint devices. But, how does your organization stay at the forefront of the mobile technology curve?

In order to address the growing market need for improved mobile protection, IBM is announcing two exciting new security solutions:

  • IBM Security Access Manager 8.0 all-in-one appliance – powered by X-Force, Trusteer, and QRadar – to protect web and mobile applications from threats and vulnerabilities.
  • IBM Security AppScan 9.0 to help you identify and fix vulnerabilities in mobile source code and make your organization’s applications less susceptible to malware attacks.

The new release permits you to integrate your AppScan and IBM Worklight activities, so you can conveniently expand your overall IBM relationship and enhance security protection. You can read more details about what we are announcing below.

Transaction Security: Release of IBM Security Access Manager 8.0

As organizations expand their business models to delivery via mobile, cloud and social platforms, a powerful access management solution is required to create and enforce session management and context-aware access policies across wide-ranging web and mobile applications. Solutions also need to protect your web and mobile applications from threats and vulnerabilities, through reliable threat protection mechanisms. And, gaining insight into user activity has become a critical requirement for you to effectively protect business assets and achieve your compliance goals.

On February 18th, IBM announced availability of the 8.0 version of Security Access Manager, the “all-in-one” appliance, which includes two modules – IBM Security Access Manager for Web 8.0 and IBM Security Access Manager for Mobile 8.0.

Provided to your organization as a virtual or hardware-based appliance, IBM Security Access Manager protects Web and mobile applications from threats and vulnerabilities through an advanced threat protection mechanism. As such, it enables you to conveniently create and enforce session management, application protection, and context-aware access policies across a wide range of Web and mobile applications. Expanded integration with IBM X-Force Threat Intelligence, IBM QRadar Security Intelligence Platform and Trusteer Mobile SDK helps you to expand your end-to-end security capabilities.

Our new solution is delivered to you in a modular package, so you can deploy it for an initial use-case (for example, traditional Web access management), and then expand your implementation to other use-cases, such as mobile security.

For a summary of Security Access Manager 8.0’s capabilities, refer to the chart below:

For further details about IBM Security Access Manager 8.0, visit the following: About IBM Security Access Manager for Web.

Application Security Protection: IBM Security AppScan 9.0

IBM® Security AppScan® software enables organizations to assess the security of their applications and achieve regulatory compliance by identifying vulnerabilities and generating reports with intelligent fix recommendations to ease remediation.

At the RSA Conference, IBM announced availability of AppScan 9.0. AppScan 9.0’s enhanced security policy management capabilities permit organizations to identify their highest-risk application vulnerabilities, and prioritize those vulnerabilities for remediation. Vulnerabilities that are remediated early in the software development cycle are much less expensive to fix.

Enhanced mobile scanning capabilities in AppScan 9.0 help you to identify and fix vulnerabilities in mobile source code, making your organization’s applications less susceptible to malware attacks. In addition, IBM’s business partnership with Arxan Technologies offers you the ability to further “lock down” applications against potential attacks.

Lastly, the new release permits you to integrate your AppScan and IBM Worklight activities, so you can conveniently expand your overall IBM relationship and enhance security protection.

For a summary of AppScan 9.0’s capabilities, refer to the chart below:

For further details about AppScan, visit the following: About IBM Security AppScan

To learn how IBM client West Virginia University protected its student data using IBM Security AppScan, consult: How West Virginia University Protects Sensitive Student Data
