Android devices are proving a rich hunting ground for malicious hackers. Since August, more than a million of them worldwide have been infected with Gooligan malware, probably via an app downloaded from a porn site or third-party app store. Once Gooligan is downloaded onto an Android smartphone, it is able to ‘root’ the device, gaining top-level privileges, and from there it steals authentication tokens for Google accounts.
Gooligan’s aim is to force the phone to download apps as part of a huge advertising fraud scheme, which is estimated to be netting the perpetrators up to $320,000 every month. But it’s easy to see how this level of root privilege could be used for far more insidious ends, harvesting personal and corporate data and carrying out a huge range of criminal activities.
Gooligan isn’t the only wide-reaching attack on Android devices to have been exposed this year either. StageFright and HummingBad are both highly sophisticated pieces of malware that can enable hackers to take remote control of Android devices, while QuadRooter’s set of four vulnerabilities were revealed to affect up to 900 million Android devices worldwide.
So it’s easy to believe that Android devices are not a secure choice for your employees. Certainly, the sheer diversity of the Android ecosystem – different OS versions, different implementations by different device vendors – does create multiple vulnerabilities that can be targeted and exploited by criminals. But there’s no need to get paranoid about Android just yet. Instead, it’s time to fundamentally rethink the way we approach securing Android devices – which is at the heart of what Kaymera does.
In a world of such multifaceted and variable Android threats, mobile security needs to be built up in layers. At Kaymera, we build four key layers of security into mobile devices, and manage them as a cohesive whole. The first layer is encryption of data in motion – so every call, SMS and data transmission can’t be intercepted and read by prying eyes as well as data-at-rest so no one can access the information on your device. The second layer protects the device from malicious code or applications that try to run on the device, via 4G, WiFi, Bluetooth and USB. These channels and interfaces are constantly scanned for misuse so any attempt to download information immediately gets blocked.
Third is a layer of protection to prevent unauthorized users or applications that try to use the device’s resources, like the microphone, camera or Bluetooth, without permission. And the final layer detects anomalies in the network, WiFi channels and cellular network, or anomalies on the device itself; apps or processes that act upon resources of the device.
What’s more, these four layers aren’t just static protections – they provide active analysis of the current state of threats facing the device. They each give a risk score based on analytics – and that score is fed into our risk engine. We look at thousands of parameters and assess the specific risk level for that device and that user, based on which we apply the organization’s security policy. Whether it’s a ‘Man-in-the-middle’ attack, interception, recording, blocking and encrypting your channel, if we identify a malicious behavior we can block access to resources for the entire organization if needed, based on the level of risk.
The Kaymera device looks and acts the same as a standard smartphone, but unlike normal security apps, Kaymera delivers complete, effective protection. It delivers military-grade security, applicable to Government sectors, as well as corporate enterprises with high risk levels that require advanced security measures
The Android landscape is full of highly sophisticated threats, and sometimes the sheer numbers of vulnerable devices out there can seem overwhelming. But by stripping back our approach to mobile security and starting from the hardware up, we can create a landscape in which individuals and business can use their Android devices – without being paranoid.
