Mobile
Security
ANAND RAJE
DIRECTOR, RABT TECHNOLOGIES PVT. LTD.
VP MEMBERSHIP ISOC KOLKATA CHAPTER


             engage with us @ techsymposium.in
Played Angry Birds on your mobile?




Do you know?

What a malware-infected clone of Angry Birds can do!

Within seconds of starting the app, it will:

Start spamming your friends with SMS
Download your address book
Locate you using your phone’s GPS
Get access to your camera and see a live stream from it without your knowledge



What to do?


Stop using smartphones and tablets?

or

Learn the basic guidelines for the secure use of technology

Learn to develop secure apps and new technologies

This session will explore:

Latest trends in mobile phone use, threats, fraud and security vulnerabilities
How mobile phone malware works
Best practices for mobile phone use

In 2013, people will purchase more than 1.2 billion mobile devices, surpassing PCs as the most common internet access device in the world. Mobile platforms will continue to expand at breakneck speed, as people are forecast to download over 70 billion mobile apps in 2014.

Threats

Threat 1
Mobile malware is a profitable business.

The mobile malware industry has matured and become a viable business model for attackers.

Threat 2
One type of malware designed for profit, ‘Toll Fraud’, is the most prevalent type of malware, primarily impacting Eastern Europe and Russia.
Toll Fraud has successfully stolen millions from consumers.

Threat 3
As the mobile industry evolves, so do mobile threats. Fraudsters are tampering with legitimate mobile tools and advertising systems to achieve broader distribution and make more money.


Threat 4
Mobile privacy is a growing issue. 5% of free Android mobile applications contain one or more aggressive ad networks, which can access personal information or display confusing ads. In addition, a number of high-profile iOS applications raised red flags about privacy issues this year.



Threat 5
The likelihood of encountering mobile malware greatly depends on your geographic location and user behavior.
Android malware likelihood is much higher in Russia, Ukraine and China than elsewhere. In terms of user behavior, people who download apps outside of trusted sources like Google Play have a higher likelihood of encountering malware.

Threat 6
Mobile malware distribution techniques are diversifying. Attackers are using a combination of new and existing distribution techniques, including email spam, hacked websites that enable drive-by downloads, and affiliate-based marketing.




Mobile Threat Trends

Learning Basics

Malware

Malware is software that performs malicious actions while installed on your phone. Without your knowledge, malware can make charges to your phone bill, send unsolicited messages to your contact list, or give an attacker control over your device.



Spyware

Designed to gather data about a large group of users, spyware collects or transmits sensitive data about a user without their knowledge or consent. Such data often includes phone logs, text messages, location, browser history, or contact lists.



Defining Malware

You know the meaning of a biological family.

Defining Malware

A family is made up of a number of individuals that share important common elements that together define the group as a whole.

Defining Malware
A Malware Family

The common elements are often particular sections of code or associated data that define how it executes key functional behaviors, and can include distinct communications protocols, Command and Control servers, certain images or other application assets, or unique methods chosen to escalate privileges.

Defining Malware
How do we identify an individual?

Within a biological species, individuals have distinguishing traits that make them identifiable, such as eye color, height or weight.

Defining Malware
How do we identify an instance of malware?

While malware or spyware instances can often include very minor differences that distinguish them within a group, they are inherently cut from the same cloth.


Defining Malware
Variants

If two malware instances are different enough in construction to stretch the boundary of an instance, they may be defined as separate variants.




Defining Malware
Malware families can differ greatly in the number of instances or variants they contain. Some families may be composed of only a handful of samples, while others may include thousands.

Evade Antivirus detection

When malware writers distribute thousands of
samples that feature only extremely minor
differences between one another, they may
be trying to evade detection.

Even the smallest difference can be enough
to defeat simple methods of detection such
as file hash identification.
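
The effect described on this slide, as an added example that is not part of the original deck: a one-byte change gives a new SHA-256, so an exact-hash blocklist misses the variant, while a similarity score over shared byte sequences still ties it to its family. The samples are constructed, inert byte strings, and the n-gram Jaccard measure, the names and the threshold are assumptions chosen for illustration, not any product's method.

```python
from __future__ import annotations

import hashlib

NGRAM = 8        # shingle width in bytes (assumed value for this sketch)
THRESHOLD = 0.6  # minimum similarity to attribute a sample to a family (assumed)

# Constructed, inert stand-ins for app packages: a shared "code section"
# followed by a short trailer that differs between builds.
SHARED_SECTION = bytes(range(256)) * 4
KNOWN_SAMPLE = SHARED_SECTION + b"|server=placeholder.invalid|build=0001"
VARIANT_SAMPLE = SHARED_SECTION + b"|server=placeholder.invalid|build=0002"
UNRELATED_SAMPLE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))


def sha256_hex(data: bytes) -> str:
    """File-hash identification: the digest changes completely on any edit."""
    return hashlib.sha256(data).hexdigest()


def shingles(data: bytes, n: int = NGRAM) -> set[bytes]:
    """Set of all overlapping n-byte windows in the sample."""
    if len(data) < n:
        return {data} if data else set()
    return {data[i:i + n] for i in range(len(data) - n + 1)}


def similarity(a: bytes, b: bytes) -> float:
    """Jaccard similarity of the two shingle sets, from 0.0 to 1.0."""
    sa, sb = shingles(a), shingles(b)
    if not sa and not sb:
        return 1.0
    return len(sa & sb) / len(sa | sb)


# What the defender already knows: one hash and one reference sample per family.
KNOWN_HASHES = {sha256_hex(KNOWN_SAMPLE): "family-A"}
FAMILY_REFERENCES = {"family-A": KNOWN_SAMPLE}


def classify(sample: bytes,
             known_hashes: dict[str, str] = KNOWN_HASHES,
             references: dict[str, bytes] = FAMILY_REFERENCES,
             threshold: float = THRESHOLD) -> tuple[str, str | None, float]:
    """Return (method, family, score) for a sample.

    Exact hash match is tried first; if it misses, the sample is compared
    against each family's reference sample by shared content.
    """
    digest = sha256_hex(sample)
    if digest in known_hashes:
        return ("exact-hash", known_hashes[digest], 1.0)

    best_family, best_score = None, 0.0
    for family, reference in references.items():
        score = similarity(sample, reference)
        if score > best_score:
            best_family, best_score = family, score

    if best_score >= threshold:
        return ("similar", best_family, best_score)
    return ("unknown", None, best_score)


if __name__ == "__main__":
    for name, sample in [("known", KNOWN_SAMPLE),
                         ("variant", VARIANT_SAMPLE),
                         ("unrelated", UNRELATED_SAMPLE)]:
        method, family, score = classify(sample)
        print(f"{name:10s} sha256={sha256_hex(sample)[:12]}... "
              f"-> {method} family={family} score={score:.3f}")
```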

The threat trend - Overall




The big family




The threat trend – Unique Malware Instances




The likelihood that a given device contains malware or spyware is heavily dependent on geographic location, varying from .04% in Japan to 41.6% in Russia.

How does mobile phone malware work?

‘Toll Fraud’



What happens when you download a ringtone?

Wireless providers: run the network and send you bills.

Aggregator: middleman for premium SMS transactions, who maintains the technical and service level requirements of each wireless network.




How does Toll Fraud work?

Wireless providers: run the network and send you bills.

Aggregator: middleman for premium SMS transactions, who maintains the technical and service level requirements of each wireless network.




‘AD Network Hijacking’



How does Ad Network Hijacking work?




‘Gaming the App Eco-System’


Gaming the App Eco-System?




‘Drive by Download’




How misleading file names are a common social engineering tactic for drive-by downloads


‘Web Based Threats’




Malicious websites are often distribution points for malicious applications.

Compromised websites are legitimate websites that have been infected by a bad actor to scam or defraud visitors.

Phishing sites are designed to mimic legitimate sites.




Best Practices for Secure Use

How to stay Safe?

Avoid toll fraud, regularly check your phone bill: Always review your monthly phone bill statements for suspicious charges. Contact your carrier if you identify something you believe to be fraud.

How to stay Safe?

Double-check URLs on your mobile: After clicking on a web link, pay close attention to the address to make sure it matches the website it claims to be, especially if you are asked to enter account or login information.
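
The address check above, written out as an added example that is not part of the original deck: it extracts the real host from a link and reports the tricks that make an address look like a site it is not. The trusted site `bank.example`, the sample URLs and the finding names are all constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the one site the user actually intends to log in to.
TRUSTED_HOSTS = {"bank.example"}


def check_url(url, trusted=TRUSTED_HOSTS):
    """Return (host, findings) for a link about to receive credentials.

    An empty findings list means the host is a trusted site (or a subdomain
    of one) reached over HTTPS with nothing misleading in the address.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    findings = []

    # Login pages should never be plain HTTP.
    if parts.scheme != "https":
        findings.append("not-https")

    # "https://bank.example@other-host/": text before '@' is a user name,
    # not the site. The real host is whatever follows the '@'.
    if parts.username is not None:
        findings.append("userinfo-in-url")

    # Internationalised labels can render as look-alike characters.
    labels = host.split(".")
    if not host.isascii() or any(label.startswith("xn--") for label in labels):
        findings.append("idn-host")

    # The host must BE the trusted name or END with ".<trusted name>".
    # A trusted name appearing at the start or middle proves nothing.
    is_trusted = any(host == t or host.endswith("." + t) for t in trusted)
    if not is_trusted:
        findings.append("host-not-trusted")
        if any(t in host for t in sorted(trusted)):
            findings.append("embeds-trusted-name")

    return host, findings


# Constructed sample links, one per case.
SAMPLES = [
    "https://www.bank.example/login",
    "https://bank.example.account-verify.test/login",
    "https://bank.example@203.0.113.7/login",
    "http://bank.example/login",
    "https://xn--bnk-5na.example/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        host, findings = check_url(link)
        verdict = "ok" if not findings else ", ".join(findings)
        print(f"{link}\n    real host: {host}\n    result:    {verdict}")
```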

How to stay Safe?

Protect your privacy, understand app permissions: Be cautious about granting applications access to personal information on your phone or letting the application have access to perform functions on your phone. Make sure to check the privacy settings for each app before installing it.

How to stay Safe?

Be smart about device settings: Keep network connectivity such as NFC, WiFi or Bluetooth ‘OFF’ when not in use. Be sure to disable settings such as debug mode that can open a device up to illicit access.


How to stay Safe?

Download a security app: Download a security app that scans the apps you download for malware and spyware, helps you locate a lost or stolen device, and protects you from unsafe websites.

How to stay Safe?

Update your phone and apps: Make sure to download and install updates from your mobile operator as soon as they are available for your device. The same goes for apps: download app updates when they are available.

How to stay Safe?

Raise employee awareness: Help employees understand the threats and risks out there so that employees can take action to safeguard their phones.

How to stay Safe?

Protect employees’ phones: Ensure that every phone – personal or company – is protected with a mobile security app for business that finds malware, scans apps, and locates and remotely wipes the device.

How to stay Safe?

Patch known vulnerabilities: Keep employee phones’ operating system software up-to-date by enabling automatic updates or accepting the service provider’s updates when prompted. Stay up to speed on what vulnerabilities are not patched across device types and carriers to maintain a proper threat model. The National Institute of Standards and Technology offers a database of device vulnerabilities.

How to stay Safe?

Set passcodes




How to stay Safe?

Phone Theft




References

CRN (www.crn.com)
blog.lookout.com




Thank you

engage with us @ techsymposium.in

 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 

Mobile Security Basics

  • 1. Mobile Security ANAND RAJE DIRECTOR, RABT TECHNOLOGIES PVT. LTD. VP MEMBERSHIP ISOC KOLKATA CHAPTER engage with us @ techsymposium.in
  • 2. Played Angry Birds on your mobile?
  • 3. Do you know what a malware-affected clone of Angry Birds can do?
  • 4. Within seconds of starting your app it will: start spamming your friends with SMS; download your address book; locate you using your phone’s GPS; get access to your camera and see a live stream from it without your knowledge.
  • 5. What to do?
  • 6. Stop using smartphones and tablets? Or
  • 7. Learn the basic guidelines of secured uses of technology
  • 8. Learn to develop secured apps and new technologies
  • 9. This session will explore: latest trends of mobile phone uses, threats, frauds and security vulnerabilities; how mobile phone malwares work; mobile phone uses best practices.
  • 10. In 2013, people will purchase more than 1.2 billion mobile devices, surpassing PCs as the most common internet access device in the world. Mobile platforms will continue to expand at breakneck speed, as people are forecast to download over 70 billion mobile apps in 2014.
  • 11. Threats
  • 12. Threat 1: Mobile malware is a profitable business. The mobile malware industry has matured and become a viable business model for attackers.
  • 13. Threat 2: One type of malware designed for profit, ‘Toll Fraud’, is the most prevalent type of malware, primarily impacting Eastern Europe and Russia. Toll Fraud has successfully stolen millions from consumers.
  • 14. Threat 3: As the mobile industry evolves, so do mobile threats. Fraudsters are tampering with legitimate mobile tools and advertising systems to achieve broader distribution and make more money.
  • 15. Threat 4: Mobile privacy is a growing issue. 5% of free Android mobile applications contain one or more aggressive ad networks, which can access personal information or display confusing ads. In addition, a number of high-profile iOS applications raised red flags about privacy issues this year.
  • 16. Threat 5: The likelihood of encountering mobile malware greatly depends on your geographic location and user behavior. Android malware likelihood is much higher in Russia, Ukraine and China than elsewhere. In terms of user behavior, people who download apps outside of trusted sources like Google Play have a higher likelihood of encountering malware.
  • 17. Threat 6: Mobile malware distribution techniques are diversifying. Attackers are using a combination of new and existing distribution techniques, including email spam, hacked websites that enable drive-by downloads, and affiliate-based marketing.
  • 18. Mobile Threat trends
  • 19. Learning Basics
  • 20. Malware: Malware is software that performs malicious actions while installed on your phone. Without your knowledge, malware can make charges to your phone bill, send unsolicited messages to your contact list, or give an attacker control over your device.
  • 21. Spyware: Designed to gather data about a large group of users, spyware collects or transmits sensitive data about a user without their knowledge or consent. Such data can often include phone logs, text messages or location, browser history, or contact lists.
  • 22. Define malwares: You know the meaning of a biological FAMILY.
  • 23. Define malwares: A family is made up of a number of individuals that share important common elements that together define the group as a whole.
  • 24. Define malwares: A Malware Family. The common elements are often particular sections of code or associated data that define how it executes key functional behaviors, and can include distinct communications protocols, Command and Control servers, certain images or other application assets, or unique methods chosen to escalate privileges.
  • 25. Define malwares: How do we identify an individual? Within a biological species, individuals have distinguishing traits that make them identifiable, such as eye color, height or weight.
  • 26. Define malwares: How do we identify an instance of malware? While malware or spyware instances can often include very minor differences that distinguish them within a group, they are inherently cut from the same cloth.
  • 27. Define malwares: Variants. If two malware instances are different enough in construction to stretch the boundary of an instance, they may be defined as separate variants.
  • 28. Define malwares: Malware families can differ greatly in the number of instances or variants they contain. Some families may be composed of only a handful of samples while others may include thousands.
  • 29. Evade antivirus detection: When malware writers distribute thousands of samples that feature only extremely minor differences between one another, they may be trying to evade detection. Even the smallest difference can be enough to defeat simple methods of detection such as file hash identification.
  • 30. The threat trend - Overall
  • 31. The big family
  • 32. The threat trend – Unique Malware Instances
  • 33. The likelihood that a given device contains malware or spyware is heavily dependent on geographic location, varying from .04% in Japan to 41.6% in Russia.
  • 35. How do mobile phone malwares work?
  • 36. ‘Toll Fraud’
  • 37. What happens when you download a ringtone? Wireless providers: run the network and send you bills. Aggregator: middleman for premium SMS transactions, who maintains the technical and service level requirements of each wireless network.
  • 38. How does Toll Fraud work? Wireless providers: run the network and send you bills. Aggregator: middleman for premium SMS transactions, who maintains the technical and service level requirements of each wireless network.
  • 39. ‘Ad Network Hijacking’
  • 40. How does Ad Network Hijacking work?
  • 41. ‘Gaming the App Eco-System’
  • 42. Gaming the App Eco-System?
  • 43. ‘Drive by Download’
  • 44. How misleading file names are a common social engineering tactic for drive-by downloads
  • 45. ‘Web Based Threats’
  • 46. Malicious websites are often distribution points for malicious applications. Compromised websites are legitimate websites that have been infected by a bad actor to scam or defraud visitors. Phishing sites are designed to mimic legitimate sites.
  • 47. Best Practices for secured uses
  • 48. How to stay safe? Avoid toll fraud, regularly check your phone bill: Always review your monthly phone bill statements for suspicious charges. Contact your carrier if you identify something you believe to be fraud.
  • 49. How to stay safe? Double-check URLs on your mobile: After clicking on a web link, pay close attention to the address to make sure it matches the website it claims to be, especially if you are asked to enter account or login information.
  • 50. How to stay safe? Protect your privacy, understand app permissions: Be cautious about granting applications access to personal information on your phone or letting the application have access to perform functions on your phone. Make sure to check the privacy settings for each app before installing it.
  • 51. How to stay safe? Be smart about device settings: Keep network connectivity such as NFC, WiFi, or Bluetooth ‘OFF’ when not in use. Be sure to disable settings such as debug mode that can open a device up to illicit access.
  • 52. How to stay safe? Download a security app: Download a security app that scans the apps you download for malware and spyware, helps you locate a lost or stolen device, and protects you from unsafe websites.
  • 53. How to stay safe? Update your phone and apps: Make sure to download and install updates from your mobile operator as soon as they are available for your device. The same goes for apps: download app updates when they are available.
  • 54. How to stay safe? Raise employee awareness: Help employees understand the threats and risks out there so that employees can take action to safeguard their phones.
  • 55. How to stay safe? Protect employees’ phones: Ensure that every phone – personal or company – is protected with a mobile security app for business that finds malware, scans apps, and locates and remotely wipes the device.
  • 56. How to stay safe? Patch known vulnerabilities: Keep employee phones’ operating system software up-to-date by enabling automatic updates or accepting service provider’s updates when prompted. Stay up to speed on what vulnerabilities are not patched across device types and carriers to maintain a proper threat model. The National Institute of Standards and Technology offers a database of device vulnerabilities.
  • 57. How to stay safe? Set pass codes
  • 58. How to stay safe? Phone theft
  • 59. References: CRN (www.crn.com); blog.lookout.com
  • 60. Thank you
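
Slides 24 to 29 describe families as samples sharing common code or data, and note that a tiny difference defeats file-hash identification. The following is an added example, not part of the original deck, that shows the effect from the defender's side: an exact SHA-256 lookup misses a one-byte variant, while a similarity score over shared byte sequences still places it in the family. The byte 4-gram Jaccard score is a simple stand-in chosen here for illustration, and the sample bytes and the family name `constructed-family-A` are constructed placeholders.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    """Exact file hash, as used by simple blocklist detection."""
    return hashlib.sha256(data).hexdigest()

def shingles(data: bytes, n: int = 4) -> set:
    """Set of overlapping n-byte windows (the 'common elements')."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def jaccard(a: bytes, b: bytes, n: int = 4) -> float:
    """Share of n-byte windows the two samples have in common (0.0 to 1.0)."""
    sa, sb = shingles(a, n), shingles(b, n)
    if not sa and not sb:
        return 1.0
    return len(sa & sb) / len(sa | sb)

def classify(sample: bytes, known: dict, threshold: float = 0.8):
    """Return (family, method): exact hash first, then similarity, else unknown."""
    digest = sha256_hex(sample)
    for family, ref in known.items():
        if sha256_hex(ref) == digest:
            return family, "exact-hash"
    best_family, best_score = None, 0.0
    for family, ref in known.items():
        score = jaccard(sample, ref)
        if score > best_score:
            best_family, best_score = family, score
    if best_score >= threshold:
        return best_family, "similarity"
    return None, "unknown"

# Constructed, harmless byte strings standing in for app binaries.
BODY = bytes(range(256)) * 4
REFERENCE = b"constructed-sample: " + BODY + b" build-id=0001"
VARIANT = b"constructed-sample: " + BODY + b" build-id=0002"   # one byte differs
UNRELATED = b"different-program " + bytes(reversed(range(256))) * 4

KNOWN = {"constructed-family-A": REFERENCE}

if __name__ == "__main__":
    for name, blob in [("reference", REFERENCE), ("variant", VARIANT),
                       ("unrelated", UNRELATED)]:
        print(name, sha256_hex(blob)[:16], classify(blob, KNOWN))
```

Production scanners use purpose-built similarity digests such as ssdeep or TLSH together with behavioral signals; the threshold of 0.8 here is an assumption for the constructed data.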