The discovery of two new advanced Android surveillance ware instances in July serves as a timely reminder for Australian companies to maintain a robust security posture. The surveillance ware, known as WyrmSpy and DragonEgg, have sophisticated data collection and exfiltration capabilities, and can be used to collect a wide range of data from infected devices. Both are attributed to the high-profile, state-sponsored espionage group APT41.
In today’s business environment, with corporate data fast flowing through multiple corporate-owned and employee-owned devices, protecting your network from potential threats remains a high priority. This includes applying strong security practices for sensitive information on mobile devices and proactively safeguarding your network from potential threats by keeping the operating system up to date. Ensuring your company’s mobile devices are operating on the latest OS with up-to-date application versions and security patching is the best way to mitigate cybersecurity risk.
Another way to mitigate potential risks is to restrict app installation to only approved sources. Threats can lurk in even the most innocuous-looking apps when downloaded from an unknown source, so allowing your people to install apps from anywhere but trusted sources can put your entire organisation at risk.
Security risks
Apps from unknown sources may carry security vulnerabilities, such as malware or other harmful software that could damage devices or steal company and personal data. When downloaded, the app can quickly spread throughout your company infecting smartphones and tablets across your organisation with malicious software. It could also take control of your people’s devices.
Apps from unknown sources could also contain spyware, which can monitor device activity and steal sensitive information, including passwords. And there’s always the potential for phishing beyond more conventional forms of email and text messages. Once a user has installed the malicious app and input their login credentials, cybercriminals can monitor the device and steal sensitive information.
From an operational standpoint, non-optimised apps can use excessive memory and battery and slow down productivity for your users. At the same time, there can be stability and compatibility issues where the apps have not been designed to work with your specific device or operating system.
Then there’s a large number of potential legal issues from copyright or intellectual property infringements that you may be blithely unaware of, but ignorance is never any defence in these matters. As you can’t guarantee these apps have been professionally vetted, they may collect and process personal information in violation of local privacy regulations, putting your business at risk from potential legal action and reputational damage.
Trusted app sources
As a rule, for iOS devices, the Apple App Store is the only trusted source for app installation. For Android devices, it’s the Google Play Store. In addition, if your company uses enterprise app stores to distribute in-house developed apps or apps specifically designed for your employees, these are also considered trustworthy. These environments offer strict regulations for app developers and all apps are vetted before they are available for download. But any other source other must be considered unknown.
Implementing strong mobile data security initiatives is mission critical in this age of mobility and flexible working. Talk to imei about conducting a security audit to identify any vulnerabilities and maximising the protection you have in place for all entry points into your network.
