ISSC262_Paper_Zachary_Cooper

docx

School

American Military University *

*We aren’t endorsed by this school

Course

262

Subject

Computer Science

Date

Jan 9, 2024

Type

docx

Pages

6

Uploaded by UltraLemur3395

Report
Mobile Device Attacks: Be a Hard Target Zachary Cooper Red and Blue Team Security: ISSC262 Professor Brian Burnett May 21, 2023
2 Mobile Device Attacks In the year 2023, the average person in wealthy and technology advanced countries have a mobile device, such as a cell phone. These devices are usually within arm’s reach of their owner at all points of a day. We depend on our mobile devices for every aspect of our lives from communicating with loved ones, banking, entertainment, staying organized, and more. Our reliance on mobile devices makes them a prime target for cybercriminals and nation-state cyber actors. Of all deigital fraud and attacks, mobile devices being involved accounts for more than 60 percent of the incidents (Nelson, 2023). To better protect ourselves, it is important to remain educated on the threats and know how to makes us hard targets and better protect our technologies and information. The first part in understanding mobile devices and attacks on them is understanding the threats posed to these devices. Threats can stem from across multiple domains from physical to most notably on the internet. Internet attacks on mobile devices are like those on typical networks with some minor adjustments and a particularly larger attack surface due to the breadth of use and applications on mobile devices. For example, phishing attacks are commonly known but a form that attacks not only emails on mobile phones, but texting capabilities is SMiShing. SMiShing works like typicla phishing, where a message is sent to a target with the intent of clicking a link that will download some form of malware. The difference relies in the medium of the method where phishing is typically done through email and SMiShing is done through Short Message Service (SMS), or texting (Ranjan, 2023). Another threat to mobile devices is created through its inherent wireless capabilities. While a typical network can have wireless capabilities, a mobile device has multiple means of connecting to other devices and to the network (Ranjan, 2023). Mobile devices have not only cell service but also Wi-Fi and Bluetooth capabilities. The attack surface of mobile devices, because of the
3 Mobile Device Attacks methods of connection, is very large (Archon, 2023). Wi-Fi runs into multiple vulnerabilities through potential for Man in the Middle Attacks (MIM). A MIM can be created through creating a fake access point where a mobile device may mistake it for one network, typically a public Wi-Fi source such as one at a McDonalds. The fake network will provide an internet connection but will also subject a target to the MIM, providing an attacker the ability to see all information going in and out with the possibility to manipulate packets and plant malware on a device (Nelson, 2023). Bluetooth is vulnerable through a vector known as Bluejacking. This is where an unauthorized message is sent to a recipient and malware can be placed. Bluetooth can also be subject to Bluesnarfing where an attacker can obtain information off a device without the user knowing (Ranjan, 2023). Wi-Fi, Bluetooth, and messages and not the only threat. Threats may come from applications with weak security, creating an access point for potential attackers. These applications may have weak algorithms that are designed to allow access to a user’s device. Otherwise, the application may have taken a shortcut. Knowing the threats and what is out there is great, but the real understanding is the ability to notice your device is compromised. An important piece in understanding if there has been an attack on your device has two parts: understanding the baseline of your device and having a method to scan the device. First off, mobile devices are used every day and sometimes for most of the day. Every person knows the typical speed at which their mobile device operates. If the device is abnormally sluggish, this could be a tell-tale sign that there is something wrong with the device and that someone may have caused this degradation of the phone with some malware. Typical signs include applications taking longer to load, battery draining abnormally fast, and
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
4 Mobile Device Attacks applications that you did not download are now present. The only way to notice this is to know the baseline of the device (Okedara, 2022). Something is wrong with the mobile device; it is acting slow and what is this “Watching You 24/7” application? The second part is downloading a scanner or some form of anti-virus. An anti- virus software can conduct scans, alert the user of an anomaly, and some can even delete and eliminate the threat on the device. Geekflare describes not only the benefits of having an anti- virus software on a mobile device but also lists multiple and some of their pros and cons. For example, the top choice is Malwarebytes. Geekflare describes Malwarebytes as having the ability to remove viruses and can conduct scans and audits on a device. No matter the choice for anti- virus softwares to either scan for threats or remove them, the best use of the software is to have it on a device prior to an attack. This allows for mitigating threats and stopping them as soon as possible. Stopping an attack sooner rather than later can help preserve information (Okedara, 2022). As stated, anti-virus software is not only great for eliminating a threat but is also great as a preventative measure. Multiple preventative measures exist and the best way to harden your defense against would-be attackers is to have a little bit of everything at your disposal. First off, mobile devices are sometime neglected with security, especially compared to a computer. Treating a mobile device the same as a computer in regard to protection is important due to the amount of information that goes through our mobile devices. When downloading software on a computer, a pop-up will ask “Do you trust this item to make changes to your system?” Ask yourself this when downloading an application to your phone and maybe less apps will be present on your home screem.
5 Mobile Device Attacks Another form of preventative measure is being careful with Wi-Fi. Connect only to trusted networks. The Wi-Fi at McDonalds or Starbucks is not a trusted network and it never will be. Your home Wi-Fi is a trusted network, especially if preventative measures were taken on the firewall and default settings of the home Wi-Fi. Also, keeping applications and the device up to date is crucial for security. Updates are pushed out for devices to enhance operation but also to patch discovered vulnerabilities. Delaying an update makes the vulnerability open and allows an avenue for attackers that discover and rely on your laziness to gain access. Password strength is often neglected. Passwords are plentiful and it is often too difficult to remember multiple 16-character passwords. Use of a password manager is beneficial. A password manager can create a password and save it for you. No more need to remember a password and the device will be more secure due to the automatic complexity of the passwords created in the manager. Lastly, be wary of messages sent to you and always second guess the sender and link before clicking it. It is a safe practice to reach out to someone and confirm they sent a link in a message before opening it. This practice will eliminate phishing threats (Devoteam, 2023). Mobile devices are crucial for functionality in today’s world. Security is not comfortable, but neither is being the victim of an attack. A little bit of painstaking work today can save a headache and potentially money tomorrow. Understanding your device and taking the steps to make yourself a hard target can pay dividends in the future. Be a hard target.
6 Mobile Device Attacks References Archon. Accessed on 20 May 2023. Security Threats to Mobile Devices and Countermeasures. https://www.archonsecure.com/blog/security-threats-to-mobile-devices-and- countermeasures#:~:text=Avoid%20using%20non%2Dpassword%2Dprotected,risk %20of%20transmitting%20secure%20data. Devoteam. Accessed on 28 April 2023. Preventing Mobile Malware Attacks. https://www.devoteam.com/expert-view/preventing-mobile-malware-attacks/ Nelson, B. (2023). Reader’s Digest. Top Security Threats of Smartphones (2022). https://www.rd.com/article/mobile-security-threats/ Okedara, T. (2022). How to Scan and Remove Malware from Android and iOS Phones. https://geekflare.com/remove-malware-pc-phone/ Ranjan, A. (2023). Types of Wireless and Mobile Device Attacks. https://www.geeksforgeeks.org/types-of-wireless-and-mobile-device-attacks/
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

CS 132 Counseling and Interviewing Assignment 1.docx
Cooper_Assignment #5.docx
Cooper_Assignment4.docx
Cooper_Assignment #4.docx
Cooper_Assignment #7.docx
Cooper_Assignment #6.docx
Cooper_Assignment #1.docx
Cooper_Assignment #3.docx
Cooper_Assignment #2.docx
Cooper_Assignment6.docx
Cooper_Assignment2.docx
Cooper_TermProject.docx
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Systems Analysis and Design (Shelly Cashman Serie...
Computer Science
ISBN:9781305494602
Author:Scott Tilley, Harry J. Rosenblatt
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Systems Analysis and Design (Shelly Cashman Serie...
Computer Science
ISBN:9781305494602
Author:Scott Tilley, Harry J. Rosenblatt
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS