Security Research For Mobile Devices
Special guest: Christopher Crowley, Consultant at Montance® LLC
Mobile devices and their behaviors are a mystery to most people. They work, they’re useful, but we occasionally hear about a “security researcher” who discovers some undesirable behavior. That security research could be you.
Christopher doesn’t primarily focus on forensic analysis, even though this is a part of his activities. He focuses more on the risk aspect of mobile devices and alerts organizations about vulnerabilities. Sometimes this becomes a forensic consideration.
For example, when Christopher was working for the Department of Energy in the US 15 years ago, concerns were starting to be raised over iPads that were being introduced into the work environment. The specific question raised was: “If certain sensitive information were stored on an iPad, what sort of a risk would there be of that information becoming exposed if someone stole the device?”
Basically, the challenge became identifying what information could be accessible and how it could be accessed so that any risk of data extraction on devices within an organization could be managed.
Christopher has been developing a portfolio of information and resources to assist with institutional risk management ever since. The overall topography of the risk map for mobile devices determined that they are vulnerable at their interface with any network.
There are potential issues with targeted attacks coming from a network that could be coming through Wi-Fi, cellular, components of Bluetooth, NFC, or connecting to any other device physically. Anything from the operating system to the varying hardware components of a mobile device can become potential issues.
On the flip side, from a digital intelligence point of view, these vulnerabilities provide entry points to access critical digital evidence.
At a deeper level, there are applications that sit atop the operating system. Applications can contain data, that is often inadequately protected. What most app providers do not account for is the risk of other applications within the same device trying to gain access to other application data.
iOS does achieve better security superiority over other providers with “sandboxing” and other protection methods, but there have still been incidences of apps being able to access other apps from within the storage mechanisms of a device.
Android allows more inter-process communication between apps, so the risk is more prevalent on devices with this operating system.
Find out more during the podcast about how mobile device users are the next attack surface.