Zimperium's Tuesday presentation at Deutsche Telekom's Magenta Security Summit. To gather mobile threat intelligence you must enable your mobile devices with mobile threat sensors.
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Corporate Mobile Risks
1.
2.
3.
4. By 2018, 25% of corporate data traffic will flow directly from
mobile devices to the cloud bypassing enterprise security
controls.
By 2020, 60% of digital businesses will suffer major service
failures, due to the inability of IT security teams to manage
digital risk.
Gartner, Special Report: Cybersecurity at the Speed of Digital Business,
Paul E. Proctor, Ray Wagner, August 30, 2016
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19. Have we adopted a position concerning
the acceptable risk posture of mobile
devices, and can we enforce it?
Have we performed an
assessment of all potential
risks associated with our
mobile apps?
Do we know if threats are being
perpetrated on our employees’
mobile devices today?
20.
21.
22.
23.
24. Global Threat Analysis Report Over 3800 Critical* threats in 7 days
• 63% of threats were network based
• 36% were App based
• >1000 devices involved across 86 unique networks
Top 4 Threats
• Suspicious Apps (36%)
• Fake SSLs (35%)
• SSL Strip (23%)
• ARP/ICMP MITM (4%)
24
362
18
6
114
514
13
15
1066
ARP MITM
Fake SSL certificate MITM
ICMP Redirect MITM
Rogue Access Point
SSL Strip
Suspicious Android App
System Tampering
Traffic Tampering
Grand Total
# of Devices
2%
35%
2%
0%
23%
36%
1%
1% # of Threats
ARP MITM
Fake SSL certificate
MITM
ICMP Redirect
MITM
Rogue Access Point
SSL Strip
App
Based
36%
Device
Based
1%
Network
Based
63%
Threat Distribution
App Based
Device Based
Network Based