Posts

IoT & Mobile Threats: What Does 2017 Tell Us About 2018?

“SPARTANS! Ready your breakfast and eat hearty. For tonight, WE DINE IN HELL!!”

Remember this passionate line by King Leonidas from the movie “300”? We are at the brink of another war — the modern cyber arms race. You need to gear up and be prepared for the thousands of malicious “arrows” that shoot down on you.

This cyber arms race is aimed against governments, businesses and individuals alike, and it’s comprised of different types and forms of cyber attacks. These attacks grow more sophisticated each year, with over 12,500 new Common Vulnerabilities and Exposures (CVE) reported in 2017 — 78 percent of which were related to network attacks.

It’s critical we learn from the past experiences — successes and failures. So, what can 2017 teach us to be better prepared in 2018? Let’s first look at the hard data.

According to the 2018 SonicWall Cyber Threat Report, SonicWall Capture Labs detected 184 million ransomware attacks and a 101.2 percent increase in new ransomware variants from more than 1 million sensors across more than 200 countries. The increase in new variations signifies a shift in attack strategies.

In addition, SonicWall Capture Labs logged 9.32 billion malware attacks. Network attacks using encryption tactics are also on the rise. Without the ability to inspect such traffic, an average organization would have missed over 900 file-based attacks per year hidden by SSL/TLS encryption.

IoT attacks loom

Internet of Things (IoT) threats and memory attacks are also impending challenges that we face across wired and wireless solutions. According to Gartner, by 2020, IoT technology will be in 95 percent of electronics for new product designs.

Recently, Spiceworks performed a survey that resulted in IoT devices being the most vulnerable to Wi-Fi attacks. This makes IoT and chip processors the emerging battlegrounds. IoT was also a big target as “smart” (pun intended) hardware is not updated regularly and is often physically located in unknown or hard-to-reach places, leading to memory attacks and vulnerabilities.

IoT ransomware attacks are alone on the rise and gain control of a device’s functionality. While many of the IoT devices may not hold any valuable data, there is a risk for owners or individuals to be held at ransom for personal data. Gartner also predicts, through 2022, half of all security budgets for IoT will go to fault remediation, recalls and safety failures rather than protection.

There are many smart devices and IoT devices in the market that connect over Wi-Fi, such as cameras, personal and TVs. Imagine an attack on your personal privacy and a hacker gaining control over your device. Distributed Denial of Service (DDoS) attacks still remain a major threat to these devices. Each compromised device can send up to 30 million packets per second to the target, creating an IoT powered botnet.

In fact, at one point in 2017, SonicWall Capture Labs was recording more than 62,000 IoT Reaper hits each day. Considering there could be an estimated 6 billion mobile devices in circulation by 2020, it wouldn’t be totally surprising if the next wave of ransomware targets mobile devices,

How to secure wired, wireless and mobile networks

It is critical to secure your network, both from a wireless and wired perspective. Total end-to-end security is the key to prevent such attacks from happening in the first place. To survive this cyber war, you can follow certain best practices to ensure your protection:

  • Layer security across your wired, wireless, mobile and cloud network
  • Deploy next-gen firewalls that can provide real-time intrusion detection and mitigation
  • Patch your firewalls and endpoint devices to the latest firmware
  • Secure your IoT devices to prevent device tampering and unauthorized access
  • Educate your employees on the best practices
  • Change default login and passwords across your devices

SonicWall solutions include next-generation firewalls, 802.11ac Wave 2 access points, secure mobile access appliances and the Capture Advanced Threat Protection (ATP) cloud sandbox service, all of which combine to provide an effective zero-day threat protection ecosystem.

To protect customers against the increasing dangers of zero-day threats, SonicWall’s cloud-based Capture ATP service detects and blocks advanced threats at the gateway until a verdict is returned. In addition, Capture ATP also monitors memory-based exploits via Real-Time Deep Memory InspectionTM (RTDMI). With innovative SonicWall solutions, rest assured your IoT and mobile devices are protected for the cyberwar.

Download the 2018 SonicWall Cyber Threat Report

The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.

READ THE FULL REPORT

Chocolate and Network Security: A Match Made in Heaven

I’ve just finished lunch and something is missing. It was a good lunch too: grilled cheese sandwich and lentil soup (a nod to the chilly, blustery Spring morning outside). I liked my lunch, but now I want a little”¦ I don’t know”¦ a little something. What I’d like, truth be told, is a little bit of chocolate. Maybe a small chunk of Ghirardelli’s mile, or whoa ““ how about a lovely Lindt Lindor truffle? Yes, that would be just the ticket, but alas”¦ there’s no chocolate in the house.

And what, you may ask, has this to do with Security?

Everything. I assure you. Everything.

Let’s say you’re a distributor of fine chocolates, candies, gourmet sauces and other foods for the discerning palette. Let’s say you’re business is expanding by leaps and bounds, and your IT infrastructure is increasingly at risk, as you get hit with various malware events. No one really thinks of the critical role that IT plays in under-girding the success of gourmet food, but as wholesale and retail provider, First Source, knew ““ without a sound and safe infrastructure, they were going to be in trouble. But not only did First Source need an updated security infrastructure to better protect against threats 24×7, they also needed this to happen while improving the speed and quality of its order processing.

As a chocolate craver, let me tell you, I’m so glad First Source put SonicWall Security’s mobile and network security solutions and gourmet food together.

Over a period of 18 months, First Source designed and deployed a company-wide SonicWall next-generation firewall solution “” including firewall appliances at each remote location “” to act as the gatekeepers for the First Source IT infrastructure.

And wouldn’t you know it – the SonicWall solution has not only boosted the company’s security, but having site-to-site SSL VPN access with load balancing and high-speed internet connections has allowed the company to increase efficiency and collaboration too (read what other benefits First Source experienced here >>)

In almost every industry, in almost every location a solid secure infrastructure under girds almost all aspects of our lives. Even my chocolate cravings”

The Future Looks Bright for Mobile Worker Productivity

Managing and securing mobile data is about to get a whole lot easier. Mobile platform providers, historically focused on the consumer, are now investing heavily in new OS features that will seamlessly integrate with mobile management and security solutions and allow businesses to more easily enable mobile access to more data and resources without compromising security.

Historically, IT departments protected corporate networks and data by only allowing trusted devices and users to connect to the network. IT could limit the threat of data loss and malware by controlling and managing PC and laptop and software images and configurations. In the new mobile era, IT has limited control or management over devices. Workers are often independently choosing their smart-phones and tablets as well as the apps and services they use to address business and personal needs.

So, with limited mobile device control and management, how can IT keep company data secure while enabling mobile worker productivity?

The leading mobile platform providers recognize the challenge businesses face and are adding new features to make it easier to secure and manage business apps and data on devices, whether corporate or personally owned. And they’re partnering with third party mobile management and security providers to help give IT control to secure and manage the mobile data workflow. Key mobile platform features enabling mobile for business include:

1. Managed separation of business and personal apps and data

Mobile OS’s are architected to allow data to be easily shared by apps. While this ease-of-use and transparent interaction and sharing between apps is beneficial for personal use, it can be problematic for businesses that want to protect data. For example, many social apps mine contact lists from other apps and invite contacts to join their service. With this, confidential customer contact information stored in a business app could unintentionally be “shared” to a personal social app, leaking customer contact information and potentially damaging a business’s reputation or violating regulatory rules. Another risk, if a rogue app is downloaded to a device, mobile malware or vulnerabilities may be present that can steal data or provide an entry point for a cyber-attack.

To address these issues, the new generation of mobile operating systems is adding features that, with third party mobile management tools, will help better secure business apps and data on mobile devices. IT, with mobile user permission, will be able to more easily deploy and manage trusted mobile apps for business and enforce security policy to protect company data, while personal apps and data will be isolated from business apps, preventing data leakage. To meet mobile user demands for personal app and data privacy, IT will be restricted to only manage business apps and data. With these new built-in OS features, today’s proprietary secure containers that isolate and secure business apps and data on mobile devices, will be less necessary, helping to reduce IT cost and complexity.

2. Managed apps

To further support mobile for business, mobile platform providers are making it easier for app developers to build “managed apps”, apps that can be configured and managed by mobile management tools. For these apps, IT will be able to use third party mobile management tools to configure app level policies that affect the actions an app may take. For example, a managed email app implemented with the new mobile management control protocol could be remotely configured to only allow email and attachments to be viewed from the email app, and disallow copy, cut and print functionality to keep business data secure and encrypted within the app and not allow sharing with other apps.

3. App level VPN

Businesses today often deploy VPNs to securely connect mobile and remote workers with company networks and resources, a necessity to encrypt data in-flight and protect from data theft. However, when a device is used for business and personal use, if the VPN is enabled, personal traffic also uses the corporate VPN which can impact network bandwidth and contaminate backend resources. Ideally, to preserve corporate network bandwidth, only business apps and data should use the corporate VPN.

To address this need, mobile OS, security and management technologies are evolving to allow per app VPN capabilities. With per app VPN, security and management technology may be configured with policies to initiate a VPN whenever a business app launches such that business traffic from the mobile device travels through the VPN while personal traffic does not.

So, with these new mobile management and security capabilities, what should businesses do to accelerate mobile adoption and productivity?

Get ready for the next wave of mobile technology. For information on the management and security solutions you need to help enable mobile workers productivity while protecting from threats, read our eBook, Secure Mobile Access.

Mobile Security Checklist to Minimize Risk

The number of mobile devices in the workplace is exploding and with this, a new frontier for cyber-attack is emerging that poses a significant risk to business. As the great philosopher and strategist SunTze wrote, “Know your enemy and know yourself and you can fight a hundred battles without disaster.”

Threat analysts are finding that malware isn’t just a problem for laptops any more. For example, reports indicate that the CloudAtlas campaign, a sophisticated advanced persistent threat that initially targeted windows machines, has made its way to mobile platforms including Android, Apple IOS and Blackberry systems. Our own SonicWall Security Threat Research Center uncovered the Android counterpart of the CloudAtlas campaign. This malware masquerades itself as an update for the popular messenger app Whatsapp, and in turn, spies on a victim’s device to obtain sensitive data,such as texts, contacts and calendar information, and passes it back to the attacker, creating a huge business risk.

Could you, or one of your employees unknowingly have a mobile device infected with malware harvesting your confidential business data?

Fundamentally, there are two key business risks that you need to protect from as workers go mobile. The first, is theft or loss of mobile data. The second, is mobile devices becoming conduits for malware attacks that affect corporate systems and data. So what are the mobile threats you need to be aware of to protect your business?

Here’s a checklist of threats you need to be prepared to tackle in the mobile worker era:

  1. Lost and stolen devicesNo surprise here. If a device is lost or stolen, and corporate data was stored on the device, there’s a risk of confidential data loss. An even bigger risk, is a lost or stolen device being used to gain access to corporate data and apps on the back end. Significantly more data could be impacted if an unauthorized user with a lost or stolen mobile device gains access to the data center. This is particularly problematic for businesses subject to regulatory compliance.
  2. Mobile malware and vulnerabilitiesAnother concern is rogue apps downloaded to devices containing information-stealing malware, such as the CloudAltas threat discussed above, or vulnerabilities with devices, OS design and 3rd party apps. These threats provide entree for attacks and can lead to data theft and downtime. Again, this is a risk for data on the device, but potentially an even bigger risk if the device becomes a conduit for malware to infect backend data systems and cause data loss or downtime.
  3. Data leakage through 3rd party appsCorporate data and apps co-mingling with personal data and apps on devices can also create risk and lead to corporate data leaking, either intentionally or unintentionally. For example, many social apps mine contact lists from other apps and invite contacts to join their service. With this, confidential customer contact information stored in a business app could unintentionally be “shared” to a personal social app, leaking customer contact information and potentially damaging a business’s reputation or violating regulatory rules.
  4. Insecure Wi-FiLastly, the riskof man-in-the middle attacks. Attackers can snoop data if traffic is sent over unencrypted networks such as public wifi. Data in-flight is likely the pulse of the business. It likely contains fresh, sensitive data, and may even contain data subject to legal or regulatory requirements for confidentiality. If that data is intercepted, it could be damaging to the business. Although the relative quantity of data lost or stolen in case of in-flight traffic interception is likely small, the potential for damage is still there. So, to protect in-flight data from interception, data should be encrypted.

Mobile Security Solution

So, now that we reviewed the top threats, how can you prepare to win the mobile security battle to come? To protect from these threats, the best defense is a good offense.

Secure container and encryption technologies such as Enterprise Mobility Management (EMM) can help isolate and secure business apps and data on mobile devices. This a great start, but company data and networks are still at risk if only on-device data protection is addressed. Security is an end-to-end mobile workflow challenge.

For comprehensive mobile security, in addition to EMM, deploy security and access control technologies in your IT infrastructure that authenticate users and interrogate devices, OSes, mobile apps and validate their integrity. Only grant VPN access to trusted users, devices and business apps to help protect from rogue access and malware attacks. Also deploy, next-gen firewalls to scan mobile traffic entering your network and block malware before it infects corporate systems and data. Next-gen firewalls can also scan mobile traffic entering your network and block malware before it infects corporate systems and data and block access to and from disreputable web applications and sites, adding another layer of protection.

For more information on the security and access solutions you need to enable mobile worker productivity while protecting from threats, read our eBook: SonicWall Secure Mobile Access.

Go mobile to Increase Employee Productivity

What if you could increase employee productivity and employee satisfaction? Compelling evidence shows that employers that embrace the use of mobile devices for work purposes, whether personal or corporate issued, can do just that. Too risky? A new generation of mobile security and management tools can enable this without compromising data security.

According to a survey of 251 businesses and IT professionals conducted in 2014 by Harvard Business Review, “organizations that support and encourage use of mobile devices by their employees are experiencing increased productivity and user satisfaction. The good news is that the mobile revolution isn’t coming, it’s here. A majority of respondents believe mobile devices have already transformed their organizations, and predict their transformational impact will be even greater in two years. As an example, 65 percent of respondents say mobile devices have improved enterprise efficiency, while another 51 percent say they’ve improved customer service. Meanwhile, 47 percent say they’ve enhanced employee satisfaction and retention. ”

Could your business benefit from increased efficiency? Increased employee satisfaction? Most businesses could.

In order to achieve these benefits, you’ll likely need to refresh your data access and security infrastructure to support the mobile worker. Most organizations are optimized for the legacy remote access paradigm, that is, IT managed windows laptops. To facilitate mobile worker productivity, you’ll need to modernize your access and security infrastructure to enable mobile worker productivity and protect from mobile threats. Here’s a checklist of considerations:

  1. Data protection, end-to-end: Data protection is a top concern and many organizations are considering or have deployed technologies such as Hosted Virtual Desktop, Enterprise Mobility Management (EMM) or other data encryption solutions to secure business data on mobile and remote devices. This a great start, but company data and networks are still at risk if only on-device data protection is addressed. Security is an end-to-end mobile workflow challenge.

  2. Access to company data from many device types: Your remote access infrastructure was likely implemented for the use case of remote workers accessing corporate resources from windows laptops. Of course, this has changed with the explosion of mobile devices, including smartphones, tablets etc”¦.and will continue to evolve with wearables and the internet of things. To get ahead of the curve, IT organizations need to invest in access infrastructure and gateways that can support not only legacy windows laptop technologies, but also today’s mobile devices and are ready to support the connected devices of the future. For example, enabling secure access from the standard HTML 5 browsers that most modern connected devices support.

    Also, your access infrastructure was likely implemented to support a one session per user model. With the explosion of mobile and connected devices comes an explosion of concurrent sessions. To get ahead of the explosion and provide the support businesses will need to be successful, you need access infrastructure and gateways that are scalable to keep ahead of the explosion and keep employees productive.

    And lastly, whereas workers were delighted with the productivity gains experienced when business email and calendar could be accessed from smartphones, today’s workers want access to all the company resources they need to be productive, including ERP etc”¦.from their mobile devices. To get ahead of the curve, your access infrastructure needs to support secure access to a broad range of resources, including intranet web apps, client server apps, hosted desktops etc”¦ from the devices workers want to use.

  3. Business + Personal = Increased risk: The business and personal mixed -usage model that many workers prefer, often results in co-mingling of personal and business data and apps on mobile devices. The typical scenario is a mobile user accessing email, calendar, the internet, social media and other apps for personal use, and also accessing business mail, calendar, intranet file share and intranet business apps for business use. The challenge for IT here is, that this comingling of apps and data increases the risk of business data loss and the risk of malware threats. We also find that IT organizations have challenges associated with mobile workers who are concerned about app and data privacy. Increasingly, personal data is legally protected, so businesses need to track end-user acceptance of BYOD policy terms to reduce business risk and demonstrate legal compliance. And we’re seeing these challenges across the board, impacting organizations of all sizes, all types. No organization is immune, though the greatest risk is with regulated industries.

  4. Cyber threats go mobile: Historically, IT protected corporate networks and compute environments by only allowing trusted devices and users to connect to the network. IT could help limit the potential of devices introducing malware onto the network by controlling and managing laptop configurations and software images. In the new mobile era, IT no longer controls or manages these devices. Workers are independently choosing their smart-phones and tablets as well as the apps and services they use to address business and personal needs, and with the mobile explosion comes an increase in cyber threats targeting mobile platforms.

    To protect from malware infection, the best defense is a good offense.

    With mobile users and BYOD, you may not control the device or the software, but you can deploy access control and security technologies in your IT infrastructure that interrogate the device, OS, mobile apps and validate their integrity before granting access to your network. You can deploy next-gen firewalls to scan mobile traffic entering your network and block malware before it infects corporate systems and data. And you can monitor and block access to and from disreputable web applications and sites.

    If your business could benefit from increased employee productivity and satisfaction, now’s the time to embrace going mobile. For more information on access and security solutions you need to enable mobile worker productivity while protecting from threats, read our eBook, SonicWall Secure Mobile Access for BYOD.

Adapting Your Mobile IT Security Strategy to Enable Mobile Workers

Providing employees with mobile access to corporate resources and applications can deliver a wealth of benefits, including improved productivity, satisfaction and innovation. However, it also introduces security and compliance challenges, from data loss to network breaches and malware attacks.

The way people work has fundamentally changed and mobile devices are at the forefront of this shift. An IDC study predicted that by now, more than one third of the world’s total workforce would consist of mobile workers. Meanwhile, Gartner Predicts by 2017, Half of Employers will Require Employees to Supply Their Own Device for Work Purposes. The phenomenal growth of mobile computing stems from its convenience and benefits. Mobile users have become accustomed to having the internet and their email and calendaring applications at their fingertips in their personal lives, and they are now expecting a similar experience when accessing business-critical applications, along with the ability to choose their corporate device or use their own. Organizations are finding that providing these capabilities increases employee productivity and spurs innovation.

Of course, there are challenges and risks to providing mobile access. The top five mobile threats are data loss from lost, stolen or decommissioned devices, information-stealing mobile malware, data loss and data leakage through poorly written third-party applications, vulnerabilities within devices, OS, design and third-party applications, and insecure Wi-Fi network or rogue access points. Mobile devices are often lost or stolen, which makes the data on them, as well as the corporate network, vulnerable to unauthorized access. In addition, a mobile device can become a conduit for malware from rogue apps, and unless data is encrypted in flight, it’s susceptible to interception, especially when users are on public Wi-Fi networks.

Compliance and legal aspects are another obstacle. In particular, it isn’t always clear who owns the data on mobile devices; some organizations insist that company data on employee owned phones and tablets belongs to the company and that it should be backed up and archived for legal and compliance purposes. In addition, unless a device has been locked down, there’s also a chance that an employee will move corporate data into the cloud or that it will be lifted directly from the device by an advertising network or a cybercriminal. Accordingly, an interesting dynamic is emerging between the teams responsible for IT and those tasked with security and compliance. IT leadership has strong motivation to implement a mobile access policy to gain productivity and user satisfaction benefits, while the individuals responsible for information security and compliance or IT support may try to stall or block the adoption of a mobile computing model.

Clearly, implementing a mobile program promises significant benefits but also introduces important risks. Therefore, in order for a strategy to emerge, all stakeholders must agree on the organization’s mobile computing needs, what can be supported in the short and medium term, and the ultimate vision.

To help your organization establish to what extent to embrace mobility, consider the secure mobility risk and compliance model (see figure below), which shows the risk, level of compliance and level of access associated with different mobile strategies.

As the model shows, company-issued devices offer the lowest security risk and the highest level of compliance. However, issuing devices to each user can be costly, and limiting mobile users to only a single device (that is not of their choosing) can significantly reduce the potential productivity benefits of the mobile strategy. At the other end of the spectrum, embracing full “bring your own device” (BYOD) may delight the mobile user community, but it entails some significant IT support, security and compliance challenges. Many organizations choose a mobile strategy between these two extremes, such as “company-owned, personally enabled” (COPE) or “choose your own device” (CYOD).

Whatever mobile strategy you choose, it is important to add context to access requests made by an authenticated user. For example, users who are accessing from a company-issued device should expect virtually the same experience as they would have in the office. However, users accessing company data and applications from a personal tablet or smartphone might be denied access to business-critical systems that contain sensitive data (such as HR, order processing or CRM) and allowed access to only email and calendar data.

Ensure that your IT security strategy is adapted to your mobility requirements read the tech brief “The AAA approach to network security”.