Every vendor is pushing a threat intelligence feed, program, and/or product. How does a lean organisation separate the hype from the actual value?
Brought to you in partnership with Mimecast
Phishing has been around almost as long as the internet, but its still going strong and getting more sophisticated. Why? Because it works.
Brought to you in partnership with Cofense
A sophisticated phishing operation carried out by terrorist group Hamas using fake Facebook profiles and malicious spyware apps allowed the outfit to hack into smartphones used by Israeli soldiers posted near the Gaza strip and to obtain sensitive information about deployments in the region.
The incident came to light after Israeli army units responsible for information security began investigating complaints from soldiers who alerted them about unknown individuals recommending troops to download certain apps from the Google Play Store.
Those investigating the operation noticed that hackers affiliated with terrorist group Hamas began their operation last year by creating fake Facebook profiles to befriend unsuspecting Israeli soldiers. Once the hackers were able to win the trust of soldiers, they recommended them to download certain apps that were created specifically to allow the hackers to take control of the victims' devices.
By making their victims download certain apps such as dating apps named WinkChat and GlanceLove and another named Golden Cup that provided real-time information about the football World Cup, hackers affiliated with Hamas installed malicious software into the victims' phones and proceeded to take control over such devices.
Once such control was established, the hackers could not only access pictures, phone numbers and email addresses of Israeli troops stationed near the border, but could also obtain video footage of military bases by covertly controlling cameras and microphones in affected devices.
"Once the infected application is downloaded, terrorists can collect contacts from the phone, enable access to SMS messages and call history, locate the phone and control the volume in order to listen to the user, download and remove files and applications, collect files and pictures, and even take pictures from the device," Israeli Defence Forces said in its website.
"The Information Security Department is already aware of attempts to get information via the internet, as this has happened before. Last year, Operation Hunters Battle exposed the false identities Hamas used in order to raise soldiers' awareness of the phenomenon and the importance of reporting incidents when they happen," it added, stating that "thanks to the soldiers' awareness, alertness, and willingness to report the incidents, Israel’s security was not damaged."
The IDF also announced that in order to protect soldiers from being targeted by hackers and to protect Israel's security, the Information Security Department has issued updated guidelines that instruct soldiers how to act if they encounter a fictitious profile and is also raise awareness of the issue and emphasising the importance of soldiers’ reporting suspicious incidents.
When asked what steps defence forces should take to prevent cyber-attacks or mitigate the resulting damage of a successful attack via vulnerable devices such as smartphones, Winston Bond, technical director EMEA at Arxan Technologies told SC Magazine UK that the best way for militaries to filter malicious apps is to use a Mobile App Management platform to run their own app store.
"Issuing phones or fully controlling them is a non-starter - even an army won't get between a teenager and their phone. But, like any other big organisation, they could use a Mobile App Management platform to run their own app store, with reviewed and approved apps," he said.
When asked if Google should be held responsible for hosting apps on its Play Store that allow hackers to gain near-complete control over smartphones, Bond added that Google cannot be blamed for this as the apps used by Hamas to target Israely defence personnel required the same permissions as those requested by many other apps.
"In any case, the apps just did the same things that legitimate apps do - every smartphone user has a dozen things that can track their location and access their photos and contacts. It is just where the data went and the context that made them dangerous.
"The solution is for organisations to make it easy to get the right, trustworthy apps for their needs. A Mobile App Management solution will be able to facilitate this," he said.