Aside from the mildly inflammatory title, the BYOD scene presents a number of worries to admins and security folks at firms that allow employees to bring their own e-tools to work. Think for a second about what you’re allowing: a device that isn’t under your total control, and is probably used just as poorly as the average worker-bee’s home computer, comes into your business and attaches itself to your network.
Of course, that negates most of the outward-facing security: Your firewall – which surely stops a lot of incoming traffic – doesn’t necessarily do much for what’s leaving, especially once it’s being tunneled.
What’s the point? Essentially, it’s fairly easy to insert a backdoor into almost any Android .apk and then get someone to download it. You don’t even need to publish it to the Google Play Store. If your employee has ever downloaded anything from the Amazon Marketplace, they’ve made it simpler to get that app installed. If they get a link asking them to try an upcoming app (the next Instagram, or a way to get more something-or-others in Candy Crush) and they install it, they’ve been infected. As long as the evil-doer has changed basic signatures within the backdoor, even mobile antivirus won’t find it.
So what? Your Windows network isn’t vulnerable to bad Androids, is it? Once that rogue app gets inside your firewall, it can be sent commands via hidden SMS, and can even poke and prod at your network until it finds a hole. Once the attackers have identified that one ancient computer that runs that very important software that hasn’t been supported in years and has a ton of holes, they can push the appropriate software to exploit that hole. Now they’ve got a fully pwned machine within your network. Don’t believe me?
If this interests you, be sure to follow Georgia on Twitter @georgiaweidman.
Source: Bulb Security SPF