Archive for November, 2013

Mobile Security Breaches: A Historical Snapshot of Mobile Security

Friday, November 22nd, 2013

Seven percent of U.S. families endure the agony of identity theft, according to the 2013 Montana Department of Administration’s Cyber/Data Information Security FAQ. Primary points of attack include credit card data, online banking information and social security numbers. Easily accessible, unencrypted portable devices remain among the most common points of security breach.

Whether from a misplaced BlackBerry, a lost thumb drive, a stolen laptop or inefficient cloud security, you and your family remain at risk of the worst possible consequences of modern technology: Complete financial and personal disruption.

Two Stages of Mobile Security Breach

Before dipping knee-deep into the history and evolution of mobile security, consider the distinction between a mobile security breach and a mobile data breach. The State Privacy Office of West Virginia defines the differences as follows:

  • Security Breach – Getting a hold of unauthorized information that compromises the confidentiality, respectability or security of private information maintained by a business or a person
  • Data Breach – The negligence or unauthorized disclosure of personally identifiable information in a manner that enables compromise of addresses, banking data, names, dates of birth, health care details, Social Security information and more.

However, no mobile device security plans for the near future distinguish between the two terms. Although mobile security programs aim to eliminate data leakage and unauthorized BYOD access to corporate assets, data security authorities continue to apply the twin terms interchangeably. For the purpose of event listings, tracking and problem resolution, technology experts make no distinctions between a hacker stealing information from a corporate database and a lost smartphone containing the personal information of the device owner, company customers or company employees.

A Bitter Run-Down of Mobile Device Security Breaches

Originally designed as enterprise-centric and tightly controlled mobile devices, smartphones have evolved in a consumer experience in portable computing. Current operating systems sometimes run on open-source coding, opening a floodgate of hacker enabled doorways, windows and crawlspaces. Here is a sampling of some history-making mobile security breaches.

August 2006: First Trojan malware invades BlackBerry email process. It came as a free tic-tac-toe download. It’s purpose: to attack the BlackBerry email functions. Fortunately, this one was designed by a security research seeking only to expose the risk factor.

January 2009: Multiple security issues in BlackBerry PDF format opens pathway to memory corruption via hacker-generated email containing specially-crafted PDF files. Possible extent of the dangers included the execution of arbitrary code on the BlackBerry Enterprise Server. Fortunately, RIM uncovered the vulnerabilities and released a reliable patch.

March 2011: Android market takes direct hit from 50-plus malware-infected applications. The DroidDream malware illustrated the additional security issues associated with open-market app publication. Fortunately, Google intercepted the malicious apps before major damage occurred.

2013 Mobile Security In The Here and Now

Winning the battle for digital security is an ongoing battle. A simple observation of the daily Microsoft security updates for Windows reveals the depth of the problem. Every modern mobile device presents product-specific security risks and every modern mobile device presents some common security issues.

As users, you depend on the manufacturers for low level protection. But the primary source for substantial mobile security remains common for every user and every corporation. Mobile users can also enlist proactive help from ID theft protection services such as LifeLock. You must:

  • Restrict access
  • Know the contents
  • Use encryption
  • Install passwords
  • Maintain backups
  • Handle with wisdom