The profusion of mobile devices, all connected to the internet, has ushered in a new era in public safety cybersecurity. What used to suffice when it came to protecting data and networks – antivirus software and network firewalls – doesn’t begin to address today’s needs.
The convenience of mobility has opened up vast new opportunities for hackers to get to places they shouldn’t. It has altered the concept of the perimeter, as each mobile device now represents a point on that perimeter, a vulnerability that must be protected.
This new reality has led to a number of guidelines that various organizations have crafted to keep public safety data, networks, and devices safe. But cybersecurity is about more than just following guidelines, which strain to keep up with the creative ways that hackers constantly attack agencies and businesses.
Attack vectors change rapidly, as hackers grow more sophisticated and work to stay one step ahead of the good guys’ defenses. It’s worthwhile to take a look at some of the most common and most worrisome ways that hackers will try to penetrate your network.
Determining the threats
A perennial hacker favorite is phishing, typically through email, where a hacker tries to fool the message recipient into clicking on a link or opening an infected file. What is new is that as the quality of the bogus emails has improved, it has become increasingly difficult to spot a phishing attempt.
Gone are the poor grammar and amateurish efforts to make an email look legitimate. Now, if a hacker does his homework, you may not be able to tell whether that message is really from the police chief or fire chief – or not. It takes much more training now for users to be able to approach each message with the right amount of caution and to spot the nuanced signs that an email is fake.
Phishing has also morphed into social media and texting versions, further increasing the challenge. The goal remains the same: to trick someone into giving up key information that will allow the hacker to compromise a device and the agency network.
Malware, whether in the form of ransomware, cryptoware, or some other variant, is another common pathway into an agency’s network. There have been many high-profile ransomware attacks in which government agencies and other organizations have been locked out of their data until they paid some form of ransom to regain access.
Another ploy is the “drive-by.” Here a hacker compromises a legitimate website and plants some form of malware on it, and the user – innocently visiting the site as usual – picks up an infection that can invisibly spread to their device and network.
Also popular are man-in-the-middle Wi-Fi attacks, where a hacker will intercept traffic at a popular Wi-Fi location such as a coffee shop. Mobile devices such as phones or tablets are the primary target here, since they often lack the higher levels of protection that agencies use for their laptops and other computers.
The best defense
Because mobile devices are so different from what traditional cybersecurity was designed to protect, with its focus on firewalls and preventing access to key network servers, a completely different approach to mobile device defense is needed.
That approach combines mobile device management (MDM) and mobile threat detection (MTD) tools to form a comprehensive defensive line against intrusions of all kinds.
MTD solutions enhance an agency’s defenses by detecting and preventing threats against mobile devices and platforms. They use artificial intelligence, machine learning, and advanced behavioral analysis based on mobile threat intelligence. They gather that intelligence by collecting and analyzing mobile traffic and data to maximize their understanding of the vast range of potential indicators of compromise. And when they do identify suspicious behavior, they counter the threats.
What makes MTD solutions so effective is that they gather their threat intelligence both from the devices they support and from external sources. By analyzing that intelligence, they can compare the behavior of healthy mobile devices to the behavior of devices that are known to be under attack, furthering their ability to recognize suspicious activity.
MTD tools closely monitor all the vital indicators in the devices, applications, and networks they support. That includes the device operating system and security update versions, configurations, library modifications, and much more. That all feeds into an unparalleled ability to identify malware and other threats.
These solutions – such as Sprint Secure Mobile AI – also monitor all forms of wireless network traffic for questionable behavior and defend against mobile phishing attempts, to protect users and agencies from malicious links sent through email, text, or applications.
Because of its ability to leverage machine learning, perform immediate risk assessments, and issue threat alerts, the on-device Sprint Secure Mobile AI offers broad protection against known and unknown threats. When it spots a threat, it can react automatically, by alerting the user, or via a separate third-party mobile device management (MDM) tool.