MENLO PARK, Calif., April 16, 2015 (GLOBE NEWSWIRE) -- Enterprises face a greater threat from the millions of apps their employees casually use each day than from mobile malware. Through 2017, 75 percent of all mobile security breaches will be through apps, not through deep technical attacks on the OS, according to Gartner1. Called 'riskware,' these seemingly harmless apps expose enterprise users to data leakage, credential theft and the exfiltration of private information used to target employees in precise, advanced attacks. Attackers can also use mobile apps to target enterprise users, gain valuable information about corporate networks, employees and directories, and socially engineer passwords.
Marble Security has found that in an average enterprise with 2,000 users of BYOD Android and iOS devices:
- The enterprise will be exposed to 20,000 unique apps from thousands of publishers
- These apps will communicate with servers in more than 40 different countries
- Thousands of these apps in the enterprise will not have any privacy policy
Enter Marble Security's AppHawk, the just-announced enterprise mobile threat intelligence and defense service that determines which iOS and Android apps send personal and corporate data beyond the enterprise, what data is transmitted and where that data is sent, and assesses the risk to the enterprise. AppHawk, which is tightly integrated with leading mobile device management (MDM) and enterprise mobility management (EMM) solutions including MobileIron, provides dynamic app threat detection and protection while ensuring employee privacy. AppHawk offers automated controls for malicious apps that leak sensitive corporate data, dynamically assesses threat levels and where data is sent, and assures safety of BYOD program rollouts.
AppHawk is powered by Marble Security's app analysis engine and database of more than 3 million analyzed apps from 500,000 publishers. Each app is scored against more than 1,000 potentially malicious and privacy-leaking behaviors to determine whether it is risky or safe. The locations that apps communicate to are evaluated against threat intelligence of tens of millions of malicious locations.
"Risky apps frequently lead to advanced persistent threats (APTs), spear phishing attacks on employees and leaked corporate data," said Dave Jevans, CEO, chairman and CTO of Marble Security. "Without considering the potentially negative effects on their personal identities and workplaces, enterprise users nonchalantly give riskware apps sweeping permissions, not realizing that their data may be sent to remote servers and advertising networks all over the world, where it can be mined by cybercriminals and hostile governments seeking access to corporate networks. AppHawk uses deep analysis to identify risks and dynamically assess threats to the enterprise."
To combat these often overlooked dangers, AppHawk's automated workflow identifies a dangerous app on the employee's device, prompting an alert to remove it. If the employee fails to do so in time, AppHawk quarantines the device. Once the app is deleted, corporate services are reinstated.
The service's optional mobile client educates employees by showing if they've downloaded dangerous apps at a glance, advising on deletion and graphically mapping where in the world an app is sending their data.
The easily configurable AppHawk administrative console uses a dashboard to show the overall state of app security in mobile deployments. Enterprise controls include:
- Dashboards and reports of mobile app risks throughout the enterprise
- Setting thresholds for risky app behavior and restricting specific behaviors
- Ability to white list, black list and gray list specific apps and publishers
- Alerts for admins and users when apps exceed risk thresholds
- Quarantining devices or denying access to enterprise services and data until risky apps are removed
Risky apps that violate users' privacy may:
- Send an entire address book and calendars to servers across the Internet, exposing personal data to advertisers and criminals alike and providing details for targeted attacks
- Profile enterprise networks, Wi-Fi and VPN connections, giving attackers valuable insight into attack vectors and network topology
- Access, read and mine users' email, cloud storage or social media accounts, exposing data
- Read text messages and phone call histories, enabling third parties to socially engineer users' profiles
- Read Web browser histories, allowing attackers to learn where users live, work and bank
- Access a user's online services, such as Dropbox, and exfiltrate all their data
- Attempt to jailbreak or root mobile devices without the user's knowledge
To learn more, visit Marble's website or read the AppHawk datasheet.
Recent Mobile Threat Stats from Marble Labs
Here are some highlights from Marble's February 2015 Mobile Threat Report:
- The U.S. accounts for more than 42 percent of the world's most dangerous mobile apps targeting non-jailbroken and non-rooted devices. These apps aren't found on shady third-party stores—they're found right in the trusted Apple App Store and Google Play—putting the everyday consumer at higher risk for privacy violation than they likely realize
- China is the second largest publisher of malicious and highly risky apps at almost 18 percent of the world's output
- Nearly one in 10 mobile apps from China puts smartphone users at risk, as do 7 percent of Taiwanese apps and 4 percent of Singapore's
Resources
- Podcast: "U.S. is the No. 1 Source of Dangerous Mobile Apps for iPhone and Android"
- Podcast: "WireLurker iOS Malware Bursts Through Gates of Apple's Walled Garden"
- White Paper: "U.S. is the No. 1 Source of Dangerous Mobile Apps for iPhone and Android"
- White Paper: "What Enterprises Need to Know About New iOS Malware"
About Marble Security
Marble Security is the leading provider of mobile threat intelligence and defense. Marble Labs, the company's research and response team of analysts, developers and cybercrime specialists, has analyzed millions of Android and iOS apps, detecting apps with malicious and privacy-leaking behaviors that frequently lead to advanced persistent threats (APTs), spear phishing attacks on employees and other information security risks.
Marble's security apps and services deliver comprehensive, correlated threat intelligence for Android and iOS devices. Marble integrates directly with mobile device management (MDM) or enterprise mobility management (EMM) solutions, providing granular risk control for bring-your-own-device (BYOD) programs. Marble Security is a Security, Reputation and Risk Management partner with MobileIron (Nasdaq:MOBL). www.marblesecurity.com
1 Gartner, 2014, http://www.gartner.com/newsroom/id/2846017