Mobile security is the new hotness. The conventional wisdom hasn’t yet been established, but many security proponents are gunning for users who jailbreak or root their devices. Symantec and Good both offer enterprise solutions that include features to manage root privileges on employee devices. Unfortunately, malware engineers just changed their approach. As background, many approaches to mobile security rely on preventing users from gaining root access. Root access allows a user ultimate control over the phone, regardless of the inherent protections built into the device’s operating system. Many users who go about acquiring root access do so in order to harmlessly customize their device. Some users leverage root privileges to subvert controls on functionality like mobile tethering. In any case, this process is seen as a risk since a user who roots their phone is capable of granting these enhanced privileges to any application that requests escalation. If a user inadvertently grants root privileges to a piece of malware, that malware could access any data on the phone, including potentially protected, corporate information. In August, a piece of malware called GingerMaster was found to escalate to root privileges on any device compromised. From a management perspective, it no longer matters whether or not users in a given environment have rooted handsets. At this point, a user with a rooted device who installs a malicious app is just as likely to expose sensitive or controlled information as a user without a rooted device. This means there isn’t a technical control that can prevent a given user from installing a malicious app and accidentally compromising anything from their email to their entire corporate environment. Just like with SSL certificates, users will have to learn to differentiate between helpful apps and malicious ones. Thankfully, attackers are still disguising most of their malware pretty poorly. The cutting edge malware GingerMaster, for example, was disguised as “Beauty of the Day.”
PTaaS is NetSPI’s delivery model for penetration testing. It enables customers to simplify the scoping of new engagements, view their testing results in real time, orchestrate faster remediation, perform always-on continuous testing, and more - all through the Resolve™ vulnerability management and orchestration platform.
We help organizations defend against adversaries by being the best at simulating real-world, sophisticated adversaries with the products, services, and training we provide. We know how attackers think and operate, allowing us to help our customers better defend against the threats they face daily.
At NetSPI, we believe that there is simply no replacement for human-led manual deep dive testing. Our Resolve platform delivers automation to ensure our people spend time looking for the critical vulnerabilities that tools miss. We provide automated and manual testing of all aspects of an organization’s entire attack surface, including external and internal network, application, cloud, and physical security.
Our proven methodology ensures that the client experience and our findings aren’t only as good as the latest tester assigned to your project. That consistency gives our customers assurance that if vulnerabilities exist, we will find them.
Is your organization prepared for a ransomware attack? Explore our Ransomware Attack Simulation service.