January 10, 2019

Lessons from 2018: Handling the next mobile security breach

Jasmine Henry

As mobile adoption soars, malicious hackers are evolving their tactics to match user behaviors. The past 12 months hosted a new volume and variety of threats to enterprise devices and the Android OS platform.

In 2018, the number of Android OS security threats continued to accelerate, growing from four million identified Android-based malware samples in 2017 to five million malware samples in the first five months of the year alone. Two notable trends included a proliferation of threats targeted toward Android applications and malware focused on corrupting devices by targeting open components, such as Wi-Fi or Bluetooth ports.

In a connected enterprise fleet, your mobile devices are physical assets that can present risks when unsecured, from breaches of valuable company data to lost control of devices. To safeguard against new threats, supervisors of enterprise mobility need to consider the security trends and adapt accordingly.

With the following trends in mind, how can enterprises adapt to protect their mobile devices in 2019?


Malware kits target device vulnerabilities

In the past year, attackers have begun targeting open Wi-Fi and Bluetooth ports on Android mobile devices through proximity to the device using malware kits. If successful, they can jailbreak the targeted device to steal valuable corporate or customer data. Proximity-based attacks are likely here to stay, and it’s important to avoid underestimating the role device security plays in safeguarding against a security breach. Protecting corporate-owned devices and onboard content from the latest Android malware requires detection and response capabilities, such as devices engineered for protection from the chip up.


Harmful applications proliferate

Risky application content and insecure user behavior can put enterprise fleet applications at risk. Even content downloaded through official Android app stores became a malware risk in 2018, due to a trend of “malvertising” — scamware advertisements displayed on apps. A flood of spoofed bank applications hit the Play Store in early summer and published hundreds of consumers’ credit card data online in plain text.

The Android security community ramped up efforts to verify 50 billion consumer apps in real time. A November announcement from Google Security stated Android devices which exclusively install content from the Play Store have a 0.68 percent chance of potentially harmful apps (PHA). Consumers were urged to deploy recent OS platforms such as Nougat, Oreo and Pie for protection.

Malicious application content spread like wildfire in 2018, and PHA is becoming harder for the average user to detect. Containerization solutions can protect corporate data and apps from application-based risks by creating boundaries between work and personal content, and safeguarding sensitive data with credentials or biometric authentication.


Corrupt connections capture data transmissions

Malicious hackers and collectives continued to exploit Wi-Fi connections in 2018 with man-in-the-middle attacks (MITM), which involve tapping a public wireless network to eavesdrop or capture data transmissions. In a single month, 4 percent of Android devices had encountered a MITM attack, while more than a quarter connected to an open and potentially dangerous Wi-Fi network. Implementing automated protection can safeguard your fleet from the risks of public Wi-Fi in 2019 by locking devices as soon as an attempted compromise is detected.


Android security patch addresses kernel vulnerabilities

The October 2018 Android Security Bulletin detailed a source patch developed to address “a critical security vulnerability in Framework” which could enable remote hackers to execute code impacting device kernel components. A compromised kernel can lead to a security breach due to sensitive data exposure or the possibility for malicious actors to remotely control an affected device.

To avoid exposure to similarly serious risks, enterprise mobility leaders should automate the remote deployment of Android security patch releases at scale. Cloud-based solutions like Knox Manage can create efficient enterprise mobility management (EMM).


Securely innovate with custom content

Providing trustworthy access to customized corporate applications was a key focus for both developers and organizations in 2018. One recent Play Store announcement tackled the need to “safely and quickly distribute private enterprise apps” on corporate-owned mobile devices. While solutions to distribute content are important, enterprise mobility teams need more to balance security and innovation.

To capture the potential of the next mobile economy, organizations need enterprise-grade solutions to develop and distribute purpose-built applications. In 2018, as much as 62 percent of enterprise mobile app development teams had a backlog, which is sometimes as large as 10 or more apps in the queue. Knox Configure supports rapid Android development for unique vertical use cases without compromising application security, creativity or speed. Custom content can be securely deployed via Knox Manage or an enterprise app store.


Mobile innovation expands beyond smartphones

Balancing security with usability has always been an important key to driving successful enterprise mobility, but 2018 Android trends illustrate that aversion to change is an enormous risk. Threats to Android device and application security evolved significantly in recent months. Innovations last year introduced entirely new possibilities for enterprise mobility. The recent announcement of the Android One UI platform and the world’s first foldable smartphone show that 2019 will be a year of 2-in-1 hybrid devices, workplace wearables and emerging technologies.

Combining the right Android devices with purpose-built applications enables operational efficiency, employee engagement and customer satisfaction. However, it’s important to consider security breach risks as you drive next-generation mobile capabilities in your enterprise fleet. Evolution in the Android OS threat vector in 2018 underlines the ever-growing importance of implementing security measures to protect corporate-owned devices and the sensitive data they contain.

Samsung’s Knox, built from the chip up in each of its mobile devices, provides a comprehensive set of capabilities to enhance the Android platform for superior security and manageability.