Mobile security_Example v0.4

ali
by Faham Usman on 22 May 2014


Transcript of Mobile security_Example v0.4

Information Security
Mobile Security
Awareness Campaign
Agenda
Salim is your Cyber Security Advisor.
Aims to promote, build and ensure a safer and more secure cyber environment and culture in the UAE.
About aeCERT
One of the initiatives of the UAE Telecommunications Regulatory Authority.
aeCERT is the United Arab Emirates Computer Emergency Response Team.
aeCERT
Salim (aeCERT)
@salim_aecert
For more information
www.aecert.ae
info@aecert.ae
Questions
About aeCERT
Physical Security
Physical Security threats
How to Ensure Physical Security
Protection
NFC Security Risk & Countermeasures
Eavesdropping: The range of NFC is a few centimeters, but Radio Electronics reports that the signal can be received up to 10 meters away.

Data corruption: You can detect this when the electric power needed to transmit the signal is increased.

Man-in-the-Middle: If someone can get between, say, the digital wallet and the POS cash register they could intercept the signal, decrypt it to read it, encrypt it again, and send it on its way so that no one knows it was hacked.

Mobile Security Stats
Source: http://www.f-secure.com/static/doc/labs_global/Research/Mobile%20Threat%20Report%20Q4%202012.pdf (2012)
Android Security Screenshots
Blackberry Security Screenshots
To use BlackBerry Protect, your BlackBerry device must be connected to a wireless network.

On the home screen, swipe down from the top of the screen.
Tap Settings > BlackBerry Protect.
Set the BlackBerry Protect switch to On.
To be able to view the current location of your device on a map, tap Location Settings.
Set the Location Services switch to On.
After you finish:
Tip: To use BlackBerry Protect features, go to http://protect.blackberry.com and sign in with your BlackBerry ID.
BlackBerry Protect
Activation Lock.
This feature in iOS 7 makes it more difficult for anyone to use or sell your iPhone once it’s gone missing. It starts working the moment you turn on Find My iPhone in iOS 7. Turning off Find My iPhone or erasing your device requires your Apple ID and password. And your Apple ID and password are required before anyone can reactivate it.

Remote Erase.
If you’re worried that your device has fallen into the wrong hands, you may want to initiate a remote wipe to delete your personal data and restore your iPhone to its factory settings. With iOS 7, Find My iPhone can continue to display your custom message, even after your device has been erased. And if you do retrieve your device, you can restore it from your iCloud backup.

Find my iPhone
Hackers Swiped £30 million
Hackers swiped £30 million from the bank accounts of 30,000 customers in Italy, Germany, Spain and Holland using mobile malware.

The fraud used malware based on the infamous ZeuS cybercrime toolkit to target the PCs and mobile phones of banking customers.  
The United Arab Emirates Ranks 1st in Smartphone Penetration
Mabrook! Your number was selected in the annual U.A.E. lottery. You just won 300,000 AED! Please call the number below to collect
your mone
SMS Scams
This is a lie.
iPhone Security Screenshots
2012
2011
Mobile Security Stats
Source: http://www.f-secure.com/static/doc/labs_global/Research/Mobile%20Threat%20Report%20Q4%202012.pdf (2012)
2010
Sensitive information may be intercepted by a sniffer when these functions are enabled.
It is easy to exploit these functions to send malicious code.
Disable both Bluetooth and Wi-Fi if and when not needed.
Bluetooth allows your phone to wirelessly communicate with other devices, such as your headphones, other mobiles or your computer.

Bluetooth & Wi-Fi
Back up frequently
Use an up-to-date antivirus program on your mobile.
Mobile Malware
Follow the same safe internet browsing practices on your mobile as you do on a computer.
Cell phone
Bluetooth headset
device
Laptop
Be Careful with Bluetooth
GPS
Triangulation
Geo-location Hazards
Clear Memory of your BlackBerry Phone.
Encrypt Data on your BlackBerry Smartphone.
Shut Down Bluetooth when not in use.
Secure Passwords with the Password Keeper Utility.
Enable Password Protect on your BlackBerry.
Blackberry Tips
Easy to lose.
Your mobile holds a tremendous amount of information.
New security risks with smart phones
Mobile phones have become one of the primary ways people communicate. You can instantly talk to or message anyone else around the world.
Mobile Security
Set device usage restrictions
Browse the web via Safari
Securely access email
Use Wi-Fi safely on the iPhone
Enable Passcode Lock
Enable Auto-Lock
iPhone Tips
Download programs that have passed a certificate test and that are developed by legitimate companies.
Only download applications you need, know and trust.
Could be malicious or infected.
Every application you install exposes you to danger.
Downloading Apps
Source: http://home.mcafee.com/virusinfo/top-viruses
Viruses Recently Discovered
Resource abuse. Sending spam or bulk SMS from user’s mobile phone
Malware infection
Misuse of data. Data loss due to mobile theft, loss, wipeout or deletion of files
Corruption or modification of stored data
Top Mobile Threats
Attacker sees the victim’s photo on a social network and robs his home, knowing that he is out of the country on vacation
Thief
Victim
Victim’s home in UAE
Example: Geo-location Threat
Source: http://home.mcafee.com/virusinfo/top-viruses
Top Viruses Tracked
Download files

Download files
Protected bluetooth
Unprotected bluetooth
Bluetooth Hack
Protected bluetooth
A hacker equipped with Bluetooth hacking software walks around public places with a Bluetooth antenna on
Unprotected bluetooth
Source: http://www.ddarabia.com/infograph/a-glimpse-of-mobile-usage-in-uae/
44% expect to make more mobile purchases in the future
39% have made a purchase on their phone
41% of smartphone users notice mobile ads while using a search engine
UAE Mobile Usage Stats
Install app called Plan B.
Put a lock on your lock screen
Use the Chrome browser
Install a remote wipe/lock app
Do not connect to unsecured, unknown Wi-Fi networks
Download an anti-malware app
Upgrade to latest Android OS version
Disable app downloads from unknown sources
Android Tips
Exploits
Verify user
Makes transaction
User is forcefully redirected by the attacker to a particular QR code
Phone redirected to Adware
User’s Smartphone
NFC Pos Terminal
Wi-Fi Router
Attacker
Near Field Communications (NFC)
Check the reviews of an application before installing it.
Always review application permission requests before installing an application.
Never use public Wi-Fi to access your personal or financial information such as for online banking, online shopping, etc.
Never leave your mobile device unattended especially in public.
Keep the OS up-to-date.
Encrypt all data on your mobile.
Update your mobile applications regularly.
Security Best Practices
Use a strong passcode for your mobile.
The attack worked by infecting victims’ PCs and mobiles with a modified version of the Zeus Trojan.
When victims attempted online bank transactions, the process was intercepted by the Trojan.
Under the guise of upgrading the online banking software, victims were duped into giving additional information including their mobile phone number, infecting the mobile device.
With victims’ PCs and mobile devices compromised, the attackers could intercept and hijack all the victims’ banking transactions, including the key to completing the transaction: the bank’s SMS to the customer containing the ‘transaction authentication number’ (TAN).
With the account number, password, and TAN, the attackers were able to stealthily transfer funds out of victims’ accounts while victims were left with the impression that their transaction had completed successfully.
91% visit social networks
10 apps used in 30 days
27 apps installed on average
Smartphone penetration is currently 61% of the population and these smartphone owners are becoming increasingly reliant on their devices
71% access the Internet every day on their smartphone and most never leave home without it.
36% of smartphone users notice Mobile ads while in an app
UAE Mobile Usage Stats
Rogue App
Mobile Security Stats
Mobile Security Stats
How it Happened?
Find My iPhone
Confidential Data: What to do
When Your Phone is Lost or Stolen
MDM (Mobile Device Management)
Image posted on social network with location mentioned on it
Takes picture while on vacation in UK