Does your phone have a firewall? Does it have antivirus? Should it? I’ll wager your laptop does. That’s because your laptop faces the looming threat of attackers from the internet every time you connect to a network. Additionally, any time you use a network, you expose yourself to the potential for a network-level attack. Everyone knows that an unprotected computer is pwnage waiting to happen.

So what about your phone? Your phone is connected to the internet 24/7. What’s more, it lacks a lot of the controls that would normally be applied to a networked computing device. It has no firewall, no antivirus, and most users can’t even kill processes or modify the file system without voiding their warranty. The user has to rely on the closed nature of the device, and hope there are no exploits roaming the wild. This is paper-thin security at best, especially when you consider that the trends in modern phone usage are pushing for more devices containing more sensitive data.

So how does an attacker target a mobile device? They don’t have to: given some recent developments in the Metasploit framework, they can initiate wide-ranging automated attacks against anyone they can connect to. Consider the open Wi-Fi network, such as at a coffee shop. As customers sit down and link up laptops and phones, an attacker keeps track of hosts joining the network. Then, leveraging the power of the autopwn feature of Metasploit, an attacker can attempt any number of exploits against any number of hosts, smartphone or not.

Your laptop might withstand automated attacks because it has a firewall and antivirus. Your phone doesn’t. There is no “Do you want to allow this app to run?” There is no “Would you like Windows Firewall to allow access to this program?” That’s it. An attacker now has access to your phone’s audio, camera, data access, and any stored credentials or other sensitive data.

Metasploit has payloads in development for both the iPhone and Android platforms that will give root access to the phone, pending a successful exploit. Finding more exploits is only a matter of time. So this brings me to my point: Should your phone have a firewall?