MOBILE

SECURITY
NADAV PELEG
Petr KadrmasHEAD OF MOBILE
SE Eastern Europe SECURITY
YOU DON’T NEED TO
BREAK A WINDOW TO
BREAK INTO A HOUSE
YOU JUST NEED
SOMEONE TO
LET YOU IN
MOBILE USERS ARE
3 VECTORS OF

Infected Apps Network Attacks OS Exploits

 DAMAGES
Stealing Taking
Tracking Contacts list Photos
Location Hijacking
Stealing Messages
Emails Microphone
Recordings Stealing
Passwords
MAJOR ATTACKS
 #1 #2 #3

"EMM/MDM "Secure Container "It’s not a top

can protect me." can protect me." priority."

#4 #5

MISCONCEPTIONS
ABOUT MOBILE
SECURITY
"iPhone is immune "Mobile AV can
against threats." protect me."
 Container

BYOD
400
1,200
Devices

EMM
 Credential Keyloggers
Stealers

INFECTED Unauthorized mRATs

DEVICES Root Kits
 IT IS
A BIG DEAL
 #1 #2 #3

"EMM/MDM "Secure Container "It’s not a top

can protect me" can protect me" priority."

#4 #5

MISCONCEPTIONS
ABOUT MOBILE
SECURITY
"iPhone is immune "Mobile AV can
against threats" protect me"
WHAT ABOUT

iOS?
is iPhone immune
to threats?
 CAN YOU TRUST
3 rd PARTY APP STORES?

25PP.com vShare.com
more than 40M users, 150M users, 25% iOS.
8M downloads a day 15,000 iOS apps
 XcodeGhost
Collects user
and device data
and sends to
C&C server

Over 4,000
malicious apps in
Apple App Store

Source: blog.checkpoint.com
Side Stepper
 BUT STILL…
ANDROID IS 17 TIMES MORE
PRONE TO THREATS THAN iOS*
Time gap from
vulnerability to fix

Only 20%
update Android OS

Google Play is less

secured than Apple
App Store

*Source: Check Point Mobile Threat Prevention Intelligence

 WHAT ABOUT
ANTI-VIRUS?

Can mobile anti-virus

really protect me?
HOW MOBILE
ANTI-VIRUS
WORKS?

SIGNATURES
can be easily bypassed
by obfuscation
Bypassing AV Detection of Mobile Spyware
Malware
detected by
Anti Virus
Obfuscation
tool for
Android
apps Obfuscated version of
Phonetail app created
Malware
bypassed AV
inspection
AV CANNOT
PROTECT
AGAINST
UNKNOWN
MALWARE
 #1 #2 #3

"EMM/MDM "Secure Container "It’s not a top

can protect me" can protect me" priority."

#4 #5

MISCONCEPTIONS
ABOUT MOBILE
SECURITY
"iPhone is immune "Mobile AV can
against threats" protect me"
 Mobile Threat Prevention
Unknown Threats and Zero Day

MOBILE Mobile Device

Management

SECURITY Policy Enforcement

Secure
BUILDING Containers
Data Leakage
Prevention

BLOCKS Anti-Virus,
App Reputation
Known Threats
MOBILE THREAT PREVENTION
Advanced Threat
Detection and Mitigation

Best Mobile Threat

Catch Rate

Full Visibility

Simple Deployment
MDM
EMM
 Threat Technologies

Advanced App Network Anomaly Host Threat Threat Framework

Analysis Detection Analysis Multi-dimensional
Sandboxing (Emulation) Wi-Fi Man-in-the-Middle Malicious Risk/Trust assessments
Advanced Static Code (MitM) attacks Configurations Accurate risk
Analysis Evasive botnets and Exploits and file system classifications to
time bomb malware manipulation effectively mitigate risk
Uncovers new malware
and targeted exploits

[Protected] Non-confidential content ©2015 Check Point Software Technologies Ltd. 28

MAXIMUM
LEVEL OF
SECURITY
 WITHOUT
IMPACTING
USABILITY

It’s All About the End

User Experience
 Taking Mobile Security Beyond
Mobile Threat Prevention
Target solutions for mobile use-cases

Mobile Threat Capsule Capsule

Prevention Cloud Workspace & Docs
Threat Prevention for Protect laptops Protect business data
mobile devices when off the on mobile devices
business network

©2015 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals​ 31
 Capsule Workspace

SECURELY log-in

EASILY ACCESS
business applications

PLACE ONLY business information under

IT’s control
*****

Protect business data E V E R Y W H E R E

©2015 Check Point Software Technologies Ltd. 32
 Capsule Docs

SECURITY FOLLOWS THE DOCUMENT

Classify

Share

Encrypt

©2015 Check Point Software Technologies Ltd. 33

THANK YOU