Anatomy of a Targeted Attack against Mobile Device Management (MDM)

Tags:

Preview:

Click to see full reader

DESCRIPTION

In this engaging session, we demonstrate a live attack technique aimed at bypassing a popular MDM solution with an email encryption offering. Further, we show how the mobile surveillance software effectively renders the encryption feature useless. This demonstration includes a mobile spyware version which directly accesses the MDM’s memory storage, retrieves the plain-text emails and sends them on to a remote server. Finally, we present mitigation techniques to solve against this problem. Differentiate between mass consumer-oriented mobile attacks and targeted mobile cyber-attacks Recognise the shortcoming of MDM as a wholesome security solution Enhance mobile attack mitigation techniques through mobile activity visibility

Citation preview

Anatomy of a Targeted Attack

against Mobile Device

Management (MDM)

MDM: Penetration in the Market

Gartner, Inc. October 2012

TARGETED

MOBILE THREATS

Mobile Remote Access Trojans (aka Spyphones)

Recent High-Profiled Examples

Commercial mRATS

Survey: Cellular Network 2M Subscribers Sampling: 250K

October 2012:

1 / 1000 devices

Survey: Cellular Network 2M Subscribers Sampling: 250K

BYPASSING

MOBILE DEVICE

MANAGEMENT

(MDM) SOLUTIONS

MDMs and Secure Containers

Demo

Let’s Test These Assumptions…

Overview

Step 1: Infect the device / Android

Step 1: Infect the device / iOS

Step 2: Install a Backdoor / Android: Rooting

Step 2: Install a Backdoor / iOS: Jailbreaking

Step 3: Bypass Containerization

Step 3: Bypass Containerization

Step 3: Bypass Containerization

Step 3: Bypass Containerization

MITIGATION

TECHNIQUES

MDM

Mitigation Steps (1)

Mitigation Steps (2)

Mitigation Steps (3)

March 26 2013 → Android Trojan Found in Targeted Attack

A combination of e-mail hacking, "spear phishing," and a Trojan built specifically for Android smartphones to spy on Tibetan activists

Inside of Mobile Targeted Attack

C&C Server

View the software installed on the phone to facilitate customer software hijacking / tool to get software such as QQ, Email, MSN password

Thank You.

Recommended

Kaspersky Anti Targeted Attack Platform...Protection – Market Quadrant 2020. In the independent 'ICSA Labs: Advanced Threat Defense (Q3 2019)' test, Kaspersky Anti Targeted Attack
Documents
Targeted Attacks Detection with SPuNge - Trend Micro · Trend Micro Targeted Attacks Detection with SPuNge 5 In fact, what sets a targeted attack apart from a widespread attack is
Documents
Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz support@ipuzzlebiz.com
Documents
Infosecurity Europe 2014 Case Study: Shamoon, a two stage targeted attack
Technology
The Sound of a Targeted Attack - Trend Microdocuments.trendmicro.com/assets/pdf/The-Sound-of-a...4 | The Sound of a Targeted Attack Exposed Services The setup process for the Sonos
Documents
TARGETED CYBER ATTACKS ANATOMY, VIVISECTION AND PROTECTION · TARGETED CYBER ATTACKS ANATOMY, VIVISECTION AND PROTECTION Sergey Gordeychik Deputy CTO, Kaspersky Lab Targeted Attack
Documents
Weapons of Targeted Attack
Documents
The Anatomy of a Targeted Attack - Veritasvox.veritas.com › legacyfs › online › veritasdata › 1.30pm_1435... · 2016-07-04 · SYMANTEC VISION 2014 A targeted attack is an
Documents
Лаборатория Касперского. Александр Бондаренко. Киасофт. "Kaspersky Anti Targeted Attack Platform - стратегия противодействия
Software
2Q Report on Targeted Attack Campaigns - Trend Microabout-threats.trendmicro.com › cloud-content › us › ent... · 2013-09-19 · Trend Micro 2Q Report on Targeted Attack Campaigns
Documents
Лаборатория Касперского. Виталий Федоров "Kaspersky Anti Targeted Attack Стратегия противодействия целевым атакам"
Software
Turla Waterhole Attack Investigation - RiskIQ · The Turla Waterhole attack was a malicious reconnaissance campaign that targeted ministry and embassy websites. All of the targeted
Documents
Copyright © 2017. Trend Micro Incorporated. All rights ... · targeted attack detection TippingPoint ATP for Networks detection engines deliver expanded APT and targeted attack detection
Documents
Hello false flags the art of deception in targeted attack attribution
Technology
A Practical, Targeted, and Stealthy Attack Against WPA Enterprise
Documents
Towards Transferable Targeted Attack - Foundation · Towards Transferable Targeted Attack Maosen Li1, Cheng Deng1*, Tengjiao Li 1, Junchi Yan3, Xinbo Gao1, Heng Huang2,4 1School of
Documents
Targeted attack on France's TV5Monde
Documents
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
Technology
Targeted Attack Trends - Trend Micro Internet Security · 2017-06-14 · 6 | Targeted Attack Trends According to Trend Micro cybersecurity officer, Tom Kellermann, a growing number
Documents
Targeted Attack Protection: A Review of Endgame’s … Endgame...Targeted Attack Protection: A Review of Endgame’s Endpoint Security Platform. Testing Overview (CONTINUED) SANS
Documents