Biz Builder Mike

You can't sail Today's boat on Yesterdays wind - Michael Noel

FBI Warns of Wi-Fi Attacks Targeting Teleworkers at Hotels Due to COVID

by

FBI Warns of Wi-Fi Attacks Targeting Teleworkers at Hotels Due to COVIDFBI Warns of Wi-Fi Attacks Targeting Teleworkers at Hotels Due to COVID

The Federal Bureau of Investigation (FBI) recently issued an announcement encouraging Americans to exercise caution when using hotel wireless networks (Wi-Fi) for telework.

The announcement – in-part – states, “FBI has observed a trend where individuals who were previously teleworking from home are beginning to telework from hotels. US hotels, predominantly in major cities, have begun to advertise daytime room reservations for guests seeking a quiet, distraction-free work environment. While this option may be appealing, accessing sensitive information from hotel Wi-Fi poses an increased security risk over home Wi-Fi networks. 

“Malicious actors can exploit inconsistent or lax hotel Wi-Fi security and guests’ security complacency to compromise the work and personal data of hotel guests. Following good cyber security practices can minimize some of the risks associated with using hotel Wi-Fi for telework.”

Hotels always an issue

Unfortunately, this doesn’t surprise us. Hotels have always been a prime spot for criminals to try to gain access to mobile devices – even at hotels hosting mobile security conferences. 

As smart as mobile devices are, devices search for networks and can inadvertently connect to a spoofed network (if the user has been to the hotel before) or show the spoofed network to the user. Per the FBI note, “Criminals can also conduct an ‘evil twin attack’ by creating their own malicious network with a similar name to the hotel’s network. Guests may then mistakenly connect to the criminal’s network instead of the hotel’s, giving the criminal direct access to the guest’s computer.”

The FBI note goes on to say, “Connecting personal or business devices to the hotel’s wireless network may allow malicious actors to compromise the individual’s device and then access the business network of the guest’s employer. Once the malicious actor gains access to the business network, they can steal proprietary data and upload malware, including ransomware. Cybercriminals or nation-state actors can use stolen intellectual property to facilitate their own schemes or produce counterfeit versions of proprietary products. Cybercriminals can use information gathered from access to company data to trick business executives into transferring company funds to the criminal.”

We are the answer

Our solution – zIPS – the same solution the Department of Defense (DoD) is using to deliver comprehensive Mobile Endpoint Protection (MEP) to the unclassified devices of servicemen and women around the world – will protect and detect these types of network attacks. 

Zimperium, the global leader in mobile device and app security, offers the only real-time, on-device, machine learning-based protection against Android, iOS and Chromebooks threats, including the detection of device, network, phishing and malicious app attacks. 

To learn more

To read the entire FBI announcement, click here. To learn more about how we can help, click here

Previous Zimperium Mobile Security Blog PostPrevious Zimperium Mobile Security Blog Post Top 5 Mobile Security Stories of a Crazy 2020

FBI Warns of Wi-Fi Attacks Targeting Teleworkers at Hotels Due to COVID

Source

Dutch MIVD Joins U.S. DoD in Acknowledging Mobile Device Threats

by

Dutch MIVD Joins U.S. DoD in Acknowledging Mobile Device ThreatsDutch MIVD Joins U.S. DoD in Acknowledging Mobile Device Threats

Recently, the Military Intelligence and Security Service division of the Dutch Armed Forces Central Command warned that businesses no longer meet using smartphones or tablets. 

According to De Telegraaf (use Google Translate to translate), the highest boss of the Military Intelligence and Security Service (MIVD) advises large companies no longer to meet with smartphones or tablets on the table. According to Major General Jan Swillens, there is a chance that hackers will listen in when, for example, trade secrets are discussed. 

The article goes on to say that hackers from countries such as China and Russia regularly attempt to steal sensitive information. When asked, Major General Swillens raises the topic of meeting with a smartphone on the table. “They are super handy, you have all your information at hand. But the risk of espionage is simply too great,” said Swillens.

Zimperium protects against mobile threats

Major General Swillens is correct, smartphones and mobile devices are super handy. As a matter of fact, the U.S. Department of Defense (DoD) agrees, but has taken a different strategy in addressing the security concerns. 

The Defense Information Systems Agency (DISA), a DoD organization, just selected Zimperium Mobile Threat Defense (MTD) to deliver comprehensive Mobile Endpoint Protection (MEP) to the unclassified government furnished (GFE) devices of servicemen and women around the world. 

Zimperium will protect DoD mobile users and endpoints against phishing, malicious/risky apps, OS exploits and network attacks. According to our CEO – Shridhar Mittal – this is a watershed moment for the mobile and traditional endpoint security (EPP/EDR) markets overall.

The reality is, mobile devices are now the de facto platform for productivity in business. Unfortunately, unlike the traditional computing devices (e.g., servers, desktops and laptops) the majority of mobile devices are not protected against phishing, malicious/risky apps, OS exploits and network attacks. 

That said, enterprises and government agencies are now realizing mobile devices are an unprotected endpoint with access to or containing all of the information of a traditional endpoint. Although the risk of hacking mobile devices is very real, there are precautions companies and governments can take to protect themselves. 

Zimperium, the global leader in mobile device and app protection, offers the only real-time, on-device, machine learning-based protection against Android, iOS and Chromebooks threats. 

Powered by z9, Zimperium provides the most complete protection for mobile devices and apps against device, network, phishing and malicious app risks and attacks. In other words, large companies – when using Zimperium’s solutions – should have peace of mind knowing their mobile devices and tablets are protected.

Contact us

To learn more about how Zimperium can help, please contact us

Previous Zimperium Mobile Security Blog PostPrevious Zimperium Mobile Security Blog Post Zimperium is Honored to Protect U.S. Department of Defense Mobile Devices

Dutch MIVD Joins U.S. DoD in Acknowledging Mobile Device Threats

Source

Remote Learning Risks Facing Students

by

Remote Learning Risks Facing StudentsRemote Learning Risks Facing Students

As summer turns into fall, more and more schools are starting the 2020-2021 academic year. Faced with uncertainty in an ever-evolving climate, school districts and higher learning institutions are struggling to do what is best for students and teachers alike. 

There are no easy answers. We’ve seen months of careful planning and preparation turn on a dime at the University of North Carolina and Notre Dame, where the campuses have recently closed because of “COVID hot spots” turning up. Unfortunately, these schools may very well not be the exception. 

For K-12, many school districts are opening with at least some degree of remote learning. Remote learning means increases in Chromebooks usage. 

We recently held a webinar entitled Protecting Chromebooks Used by Schools, Cities & States in which I had the pleasure of speaking with Karen Jackson – Interim Executive Director, New College Institute; President, Apogee Strategic Partners; and former Secretary of Technology, for Virginia. We both provided insights on the risks schools face and what can be done – – you can watch the webinar by clicking here. 

For schools relying on Chromebooks for remote education, students, teachers and administrators face the same privacy and security threats associated with laptops and mobile devices, without the same security measures. In a suburb of Dallas, Texas, we’ve already seen a hacker get into a sixth grader’s online classroom and send threatening messages.

With the exception of the mandated content filtering that prevents students from going to inappropriate sites, students are very vulnerable to cyberattacks. And unlike laptops, desktops – or iOS and Android devices for that matter – Chromebooks have not been provided protection from breaches.

Meaning, students are susceptible to network and phishing attacks, malicious apps, OS exploits and risky apps:

zIPS for Chromebooks – through its machine learning-based technology – detects and remediates against those attacks (and more): 

  • Identifying and blocking users from accessing phishing sites;
  • Detection of malicious WiFi networks and alerting users to disconnect from the network; and 
  • Assessment of all Android apps for undesired violations of privacy, or unsecure development practice.

zIPS for Chromebook’s on-device design also protects user privacy and provides local, continuous assessments of the mobile endpoint.

The combination of content filtering and zIPS for Chromebooks better protects students. 

To learn more, please watch the webinar and contact us. We are here to help.

Previous Zimperium Mobile Security Blog PostPrevious Zimperium Mobile Security Blog Post Zimperium Mentioned in Several Gartner Hype Cycles
MAPS Helps Enterprises Avoid Mobile Application Security Pitfalls Next Zimperium Mobile Security Blog PostNext Zimperium Mobile Security Blog Post

Remote Learning Risks Facing Students

Source