This article is about Challenges of smartphone mobile device security.
Mobile security or Smartphone device security, has become increasingly important in mobile computing. Major Concern is that security of personal and business information now stored on smartphones.
More and more users as well as businesses use smartphones to communicate, but also to plan and organize their users' work and also private life. Within Organizations, these technologies are causing knowledgeable changes in the organization of information systems and therefore they have become the source of new risks.
Actually, Smartphones collect amount of sensitive information to which access must be controlled to protect the privacy of the user and the intellectual property of the company.
All smartphones, are preferred targets of attacks. These attacks exploit weaknesses present in smartphones that can come from the different communication mode—like Short Message Service (SMS, text messaging), Multimedia Messaging Service (MMS), Bluetooth ,WiFi and GSM. There are many exploits also that target software vulnerabilities in the browser or operating system. And some of the malicious software relies on the weak knowledge of an average user.
Security countermeasures are developed as well as applied to smartphones, from security in different layers of software to the dissemination of information to users(End User).
Good practices is required at all levels, from design to use, through the development of operating systems, software layers, and downloadable apps.
Challenges of smartphone mobile security
Smartphone mobile security - Threats
- A smartphone user is exposed to numerous threats once they use their phone.
- These threats will disrupt the operation of the smartphone, and transmit or modify user data.
- So applications should guarantee privacy and integrity of the data they handle.
- Even some applications may themselves be malware, their activities must be be restricted (for ex, restricting or stooping the apps from accessing location information via GPS,blocking access to the user's address book, sending SMS messages that are billed to the user, etc.).
There are three prime targets for attackers:
Availability: Offensive a smartphone will limit access to that and deprive the owner of its use.
Data: Smartphones are devices for information management, and should contain sensitive information like mastercard numbers, authentication data, private information, activity logs (calendar, call logs);
Identity: Smartphones are extremely customizable, that the device or its contents will simply be related to a particular person.
For ex. , Each mobile device can transmit information related to the owner of the mobile phone contract and an attacker may want to steal the identity of the owner of a smartphone to commit other offenses;
There are variety of threats to mobile devices, including annoyance, stealing money, invading privacy, propagation, and malicious tools.
Malicious applications: Hackers transfer malicious programs or games to third-party smartphone application marketplaces.
The programs steal personal data and open backdoor communication channels to put in further applications and cause alternative issues.
Malicious links on social networks: A good thanks to unfold malware wherever hackers will place Trojans, spyware, and backdoors.
Botnets: attackers infect multiple machines with malware that victims generally acquire via e-mail attachments or from compromised applications or websites. The malware then gives hackers remote control of "zombie" devices, which can then be instructed to perform harmful acts.
Spyware: Attacker or hackers use spyware to hijack phones, allowing them to see text messages ,hear calls and e-mails as well as track someone's location through GPS updates.
The supply of those attacks are a similar actors found within the non-mobile computing space:
- Professionals,commercial or military, who focus on the three targets mentioned above.
- They steal sensitive information from the final public, as well as undertake industrial espionage.
- They will additionally use the identity of these attacked to realize alternative attacks;
- Thieves United Nations agency need to realize financial gain through information or identities they need taken.
- The thieves can attack many folks to extend their potential income.
- Black hat hackers who specifically attack availability.Their primary goal is to develop viruses, and cause damage to the device.In some cases, hackers are interested in stealing data from devices.
- Grey hat hackers United Nations agency reveal vulnerabilities.Their goal is to expose vulnerabilities of the device.Grey hat hackers don't intend on damaging the device or stealing information.
Smartphone mobile security - Consequences
When a smartphone is infected by an attacker, the attacker will try many things:
- The attacker will control the smartphone as a zombie device, that's to mention, a device with that the attacker will communicate and send commands which is able to be accustomed send unsolicited messages (spam) via sms or email.
- The attacker will simply force the smartphone to create phone calls.
- For example, attacker will use the application program interface (API)(library that contains the fundamental functions) PhoneMakeCall by Microsoft, which collects telephone numbers from any source such as telephone book, so decision them.But the attacker can also use this method to call paid services, resulting in a charge to the owner of the smartphone.
- It is additionally terribly dangerous as a result of the smartphone might decision emergency services and so disrupt those services.
- A HACKED smartphone will record conversations between the user and others person and send them to a 3rd party. this may cause user industrial security and privacy problems.
- The attacker can remove the personal (photos, music, videos, etc.) or professional data (contacts, calendars, notes) of the user.
- An aggressor may also steal a user's identity, and their identity (with a duplicate of the user's sim card or maybe the phonephone itself), and thus impersonate the owner.
- This raises security concerns in countries where smartphones can be used to place orders, view bank accounts or are used as an identity card.
- The attacker can prevent the operation and/or be starting of the smartphone by making it unusable.
- This attack can either delete the boot scripts, resulting in a phone without a functioning OS, or modify sure files to create it unusable (e.g. a script that launches at startup that forces the smartphone to restart) or even embed a startup application that would empty the battery.
- The aggressor will scale back the utility of the smartphone, by discharging the battery.For example, they can launch an application that will run continuously on the smartphone processor, requiring a lot of energy and draining the battery.
- One issue that distinguishes mobile computing from ancient desktop PCs is their restricted performance.
- Frank Stajano and Ross Anderson initial delineated this kind of attack, vocation it AN attack of "battery exhaustion" or "sleep deprivation torture".
NOTE: Challenges of smartphone mobile security
TAGS: SMARTPHONE ,HACKER,SMARTPHONE HACKED, MOBILE SECURITY,MOBILE SCAM,DATA THEFT,CHALLENGES OF SMARTPHONE,CYPHERADDA
For More Cyber Security updates go to YouTube Channel top10thinks :-
https://www.youtube.com/channel/UCptPGGb_icNqb57GcCiryBQ
#top10thinks #cypheradda
8 Easy Ways to Secure Your Smartphone Against Hackers -
Very nice Mobile security blog.
ReplyDeletei'm sharing it within my friend circle.
Thanks for sharing this kind of useful information ...
Nice Article,ESSL Biometric is well-known hand held metal detector suppliers have come far in the only remaining century to help treasure seekers and prospectors. Door frame metal detector suppliers
ReplyDeleteWow, such a nice article. This is really helpful for us. Kindly share more that kind of articles. Visit Cyber Security Course
ReplyDeleteThanks for sharing such a nice blog. Kindly share more.
ReplyDeleteVisit Cyber Security Course
Mobile security is most important part. thanks for sharing this knowledgeable information.keep sharing. waiting for your next blog
ReplyDeleteZplus Cyber Secure Technologies
Hi
ReplyDeleteI visited your blog you have shared amazing information, i really like the information provided by you, You have done a great work. I hope you will share some more information regarding Cyber Security. I appreciate your work.
Thanks
Have a Great Day
Nice Post...
ReplyDeleteI'm having very interesting information regarding Hire Hacker