CIS 502 – Theories of Security Management
Mobile Device Security and Other Threats
Mobile devices afford today's professionals with the luxury of constant and continued communication around the clock from almost anywhere in the world. These computing and communications devices have become an invaluable asset to the way organizations have begun to conduct their business today. With the increased use comes the increased risk. Mobile communication is a tremendous security risk; the most significant of the overwhelming amount of risks include the possibility of loss. Typically mobile devices are relatively small and could easily be misplaced or left behind allowing it to get into the wrong hands. Should this occur, there is a significant risk for unauthorized disclosure of sensitive information. This paper will discuss mobile device security and other threats facing today's technology user.
Security Threat Report 2014 Reviewed
The article "Security Threat Report 2014" goes into great detail and lists several security threats that are present today. The first being "botnets" which are a private network of computers that have been infected with malware unbeknownst to the system owners and are used to send spam. Previously, cybercriminals have chosen not to share their source code or their either sell it with an expensive price tag that in turn kept their "community" small. "But in recent years, working botnet source code has been leaked." (Security Threat Report 2014, 2014) Since this has happened, the security industry has noticed and increase in imitators who have also developed more creative code that operates in ways that had never been considered. Botnets can include ransomware which means the criminal has installed malware and is now demanding hefty payments to grant access back to your data. Banking malware botnets have also been increasing.
Android malware was initially detected in 2010 and is increasingly becoming a greater security threat. Sophisticated malware allows the criminal to control the infected mobile device by sending messages that will result in the device owner being charged. Apps are being used to infect and manipulate devices.
The Linux platform has become an attractive target since because of its extensive use for websites and to deliver web content. Previously Linux hadn't been targeted but criminals are using creative ways to disguise their code from being detected.
Hackers are developing Trojans that are designed to attack Apple computers. While not as common, this risk is increasing.
Hackers have increasingly started using Apache modules on legitimated websites to launch browser attacks.
Banking institutions are increasingly experiencing compromised accounts as a result of advanced persistent threat (APT) attacks. Malicious code is installed and then executed with a trusted process. This threat is the most alarming because it can have such a drastic effect on both companies and the everyday consumer. While there are many programs in place that add protection against account data being compromised, it is the consumer's responsibility to use due diligence as well. Safeguarding information is vital. Online shopping is very common and convenient, but you have to remain concerned with sites that do not use legitimate security to encrypt the transaction data. Mobile banking should also be used with caution. Bank websites typically have safeguards in place that will log you out after a short period of inactivity. The device owner should be sure that the device is password protected, and bank information can't be readily found in notes or emails.
Unpatched Windows Systems
Windows is running on over a billion computers given the hacker seemingly unlimited options for attack. The risk of unpatched systems occurs when older versions of the software