Mobile device security. Prohibition of saving passwords in the browser of a mobile device. What threatens your smartphone

Protection can be provided in various ways:

1) Use antivirus software

2) Carefully review the required permissions when installing applications (which is usually ignored)

3) Use only official application sources

4) Use third-party developments.

5) Link checking system. Allows you to eliminate the possibility of switching to infected and fraudulent resources.

6) Checking all files arriving on the device. Allows you to reduce the risk of introducing malware from untrusted sources, as well as avoid hidden downloads of unsolicited application components containing malicious functionality.

7) Formation of a list of allowed applications. Allows you to reduce the risk of launching unknown applications without first checking them for security.

8) Access restriction system. Allows you to limit the number of resources visited to the required minimum, which minimizes the risk of infection from sites containing malicious objects.

9) Anti-virus monitor. Allows you to prevent infection by malicious objects that have penetrated the user’s machine without scanning - including in password-protected archives or using special data transfer protocols.

10) Anti-virus scanner. Makes it possible to detect malicious programs that have somehow managed to penetrate the device (including during the period when the signature of this malicious program has not yet been added to the virus databases).

Modern mobile device operating systems have capabilities for centralized management, but often they are not enough - they protect data in fragments or require user intervention, so such tasks are solved by Mobile Device Management (MDM) management systems and data security systems in mobile devices.

The functionality of these systems can be illustrated by the example of solving typical problems of protecting mobile devices in corporate environment using Trend Micro Mobile Security 7.0.

Rice. 4 Trend Micro Mobile Security 7.0.

Key features of Trend Micro Mobile Security 7.0:

1) Chaotic connection of devices to corporate resources.

2) Distribution of devices and binding to users

3) Ensuring uniformity of enterprise software

4) Distribution of corporate settings and policies to devices

5) Data protection in case of theft

7) Anti-malware protection

8) Protection against telephone spam

I consider the main advantage of this program to be used in a corporate environment. Similar analogues cannot provide information security in a corporate environment.

For comparison, I decided to demonstrate another ESET antivirus NOD32 Mobile Security

Rice. 5 ESET NOD32 Mobile Security

ESET NOD32 Mobile Security is available in two versions: free (basic) and paid (Premium).
In the first 30 days, the user has access to all the features of the Premium version, including: antivirus scanner and monitor; anti-theft module; anti-phishing; application verification; SIM card protection.

In general, the program copes well with its tasks and can provide comprehensive protection for the device. However, there are also disadvantages. For example, lack of scanning functions network connection and protection of personal data. There is also no security in the corporate environment.

The core protection features of both programs are advanced and the most advanced today, but ESET NOD32 Mobile Security cannot protect the corporate environment.

Conclusion

This paper examines a comprehensive OS security system for mobile devices based on the Android OS.

The basic information required to organize such protection is provided. These include a theoretical basis and practical solutions information security such as: Methods of protecting Mobile personal devices, Types of impacts on MPU.

In conclusion, I would like to say that the number of malicious and potentially dangerous software is constantly growing and owners of devices based on Android OS can no longer use their smartphone without security software.

Bibliography

1) Internet resources:

http://www.osp.ru

http://www.trendmicro.com.ru

http://it-sektor.ru

http://technomag.bmstu.ru

2) Technical documentation

Alexey Goloshchapov 2011 Google Android. Mobile programming

Dmitriev M.A., Zuykov A.V., Kuzin A.A., Minin P.E., Rapetov A.M., Samoilov A.S., Froimson M.I., Operating Android system. 2012

B. Schneier. Secrets and lies. Data security in the digital world. Peter, St. Petersburg, 2003. 368 p.

Send your good work in the knowledge base is simple. Use the form below

Students, graduate students, young scientists who use the knowledge base in their studies and work will be very grateful to you.

Risks of using mobile devices

Before discussing ways to block a smartphone running Android or iOS, it is useful to remember what security threats exist for a modern smartphone.

1.Data leak resulting from device loss or theft (high risk)

Unimpeded access to your smartphone can be a goldmine for any attacker who gains access to private information. If you lose your device without locking it with a PIN or password, the new owner of your phone will have access to all data including:

2.Inadvertent disclosure of data (high risk)

Developers often provide more features than a user can keep track of. For example, you may not even be aware that your device is sharing your location whenever you send a photo using a social media app. Here are some ways you can unintentionally let the world know where you are right now:

if you sent a photo with location data included;
if someone tags you in photos without your knowledge;
if you have "checked in" to a specific restaurant or cafe using a location app.

3.Attacks on a used or failed device (high risk)

If you haven't erased the information from your old mobile device properly, the next owner can easily access a huge amount of your personal data. According to research by the European Union Agency for Network and Information Security (ENISA), improperly decommissioned mobile devices can leak information such as:

call history;
contacts;
emails.

4.Phishing attacks (medium risk)

Phishing is a fraudulent form of data mining in which an attacker attempts to trick users into stealing personal information, such as passwords and credit card information, by sending them fake messages that appear to be genuine. Phishing can come in many forms:

fake apps imitating legitimate apps such as Angry Birds (http://www.technewsdaily.com/17070-angry-birds-botnet.html);
emails that impersonate legitimate senders, such as banks and other financial institutions;
SMS messages imitating legitimate senders.

5. Spyware attacks (medium risk)

If your mobile device is infected with spyware - either through a malicious app or via a website - malicious code may send your personal data to a remote server without your knowledge. Information sent by spyware may include:

all keystrokes since the moment of infection;
names, phone numbers and addresses Email your contacts;
your credit card information.

6.Use of network spoofing (medium risk)

Hackers sometimes target those using public Wi-Fi networks. If you don't use a VPN (or go to sites that require a password but don't use SSL), your data may simply be stolen. Here are some examples of information you may have accidentally disclosed:

passwords for unencrypted websites;
email passwords transmitted via an unencrypted connection to a website (authorization on many mail servers– by plaintext password).

As for risks in general, you need to remember about man-in-the-middle attacks. Such attacks are technically complex, and accordingly their likelihood is very low - only if they are hunting you personally. But no SSL can save you from it.

General Mobile Security Tips

While both Android and iOS provide their own protections for your device, there are certain measures that every user should take to counter the risks discussed above.

Data leak due to lost or stolen device

Always set a PIN, password or pattern to lock your device. They may not stop a professional hacker, but an average attacker will no longer gain access to important information, such as your credit card number and saved passwords for online accounts. Set your screen to lock your phone after a few minutes of inactivity. This feature is often enabled by default on newer phones. Use different passwords for each of the services on your device, such as email, Accounts social networks etc. This will help mitigate the consequences of identity theft. Do not store credit card information on your device. While this may be inconvenient, it will prevent a thief from using your phone or tablet to steal your data.

What to do before selling your iPhone, iPad or iPod touch

Before you sell or give away your iOS device, make sure you erase all personal data from it. To protect your data and return your device to factory condition before handing it over to a new owner, follow these steps:

Create backup copy device data.

Select Settings, General, Reset, and then Erase Content and Settings. This will erase all data from the device and disable iCloud, iMessage, FaceTime, Game Center and other services.

If your device is running iOS 7 and Find My iPhone is turned on, you'll need to enter your Apple ID and password. By entering your password, you can erase all data from your device and remove it from your account. This will allow the new owner to activate the device.
Contact the operator mobile communications for instructions on switching services to a new owner. When you turn on your device for the first time as a new owner, Setup Assistant will help you complete the device setup process.

Important! Don't manually delete contacts, calendars, reminders, documents, photo streams, or other iCloud data while you're signed in to an iCloud account, because doing so will also delete the content from iCloud servers and all your iCloud-enabled devices.

If the instructions above are not completed before selling or giving away your iOS device, please do the following:

Ask the new owner to erase all content and settings as described above.
If you use iCloud and Find My iPhone is turned on, you can erase your data remotely and remove the device from your account. To do this, go to icloud.com/find, select your device and click the “Erase” button. After deleting data from the device, click the “Remove from account” button.
If you can't complete the suggested steps, change your Apple ID password. Changing your password doesn't delete any personal data stored on the device, but it does make it impossible for the new owner to delete the information from iCloud.

Remotely wipe data on your phone or tablet if you've lost it. Devices Apple iOS can use the freely available Find My iPhone utility (http://www.bizrate.com/iphone/index__af_assettype_id--4__af_creative_id--3__af_id--%5bAFF-ID%5d__af_placement_id--%5bAFF-PLACEMENT-ID%5d.html); Android users must enable Android Device Manager in Google app Settings.

Encrypt data on your phone or tablet. Devices under iOS control will be encrypted automatically as soon as you enable a PIN or password. Android users must encrypt the phone themselves. Encryption makes it difficult for an attacker to read data from the phone when connected to a computer via USB.

Unintentional Data Disclosure

Disable geotagging on your camera app and any other apps that can access the camera. This will prevent apps from automatically tagging your location.

Protecting decommissioned mobile devices

Always restore your device to factory settings before selling or taking your phone to a repair shop. This is much more efficient than trying to clear every app's data.

When buying a new device, reset your old device to factory settings, even if you want to keep it. Theft of your old phone or tablet that still contains personal data - even if it's no longer in use - can be just as dangerous as losing your current device.

Protection against phishing attacks

Pay attention to typos in SMS messages and emails. This is often one of the signs of phishing.

Install applications only from trusted sources.

Never send your password, credit card number, or other personal information via email or text message. If you receive a message asking you to provide this type of information, then you are most likely phishing.

Protection against spyware attacks

Analyze app credentials for Android devices before installing them. If an app requires access to personal data or wants to perform certain functions on your phone or tablet, make sure those permissions are consistent with the stated purpose of the app being run.
Do not change your phone's security settings. Unlocking (Rooting or jailbreaking) your device can make it more susceptible to attack.
Use the most current software versions on your device. Manufacturers often find out about software bugs after launch, and downloading software updates can improve the security of your phone or tablet.
Don't forget to install firewall and antivirus.

Network Spoofing Protection

If possible, use a secure connection with Wi-Fi network. If you must use a public Wi-Fi connection, then register only on sites that use SSL encryption. In this case, the prefix of such a site will be https.

How to protect iPhone and iPad

Password is the first line of security for any iOS device. You can enable a simple four-digit password - actually just a PIN code (Setup, General, Passcode).

To reduce the effectiveness of brute force password attacks, iOS makes increasingly longer pauses after each new unsuccessful attempt.

Users can install iOS settings to completely wipe your device after 10 failed password attempts. To enable this feature, use the "Erase Data" switch on the Passcode screen.

If you think using only a four-digit passcode is unsafe, iOS allows you to enter a longer, alphanumeric passcode for greater security. Enable this mode through the items “Settings”, “General”, Passcode, “Complex Passcode”.

This feature is especially useful for enterprise applications because administrators can pre-specify the required passcode complexity by setting the minimum passcode length, minimum number of complex characters, and maximum number of failed attempts.

However, in my opinion, for iPhone given The function doesn't make sense. For models up to generation 4 inclusive, you can extract almost all the information from the phone, regardless of the complexity of the password (you don’t even need to break it). For iPhones starting with 4S, it is impossible to break even a simple four-character password.

In iPhone 5s Apple developers added additional authentication convenience - a touch fingerprint reader. Apple touts the security of this unique feature, but in reality it's just a convenience and doesn't add any security at all. A fingerprint can only be added if a password is already in use. You can also log in with a password; using a fingerprint is simply faster and more convenient. Rather, security is even reduced, since the fingerprint can be faked (this has already been demonstrated). However, this must be done within 48 hours (if the phone has not been unlocked within two days, then you can only log in using the password).

Using mathematical methods fuzzy hatching and secure sketch, software converts a digital fingerprint into a binary string equivalent in complexity to a password of five or six alphanumeric characters.

This is less secure than a long, completely random alphanumeric passcode, but more secure than a four-digit PIN or dictionary-based alphanumeric password. Touch ID requires you to enter a four-digit PIN as a backup option.

To set up Touch ID on iPhone 5s, go to Settings, Passcode & Fingerprints, Fingerprints. Then select "Add a digital fingerprint."

Place your finger on the return button several times without pressing down on the button. As you keep touching the back button, the gray lines gradually turn red. When all the lines turn red, the phone has successfully received your digital fingerprint.

Then hold your phone as you normally would, unlocked, and swipe the edge of your finger over the back button. This ensures that the iPhone unlocks even if you don't press the back button the same way every time.

Press the return button to turn on iPhone screen, and then place your finger on the back button to unlock your device.

If you lose your iPhone or iPad, you can wipe the device remotely using the built-in software.

To enable Find My iPhone, go to Settings, iCloud. Enter your Apple ID and password, and then switch the Find My iPhone slider to On.

After this, you can clean your phone using any web browser. Go to icloud.com/#find and enter your Apple ID. Click iPhone Find My, All Devices, and then select the device you want to clean. Finally, in the window that appears, click Erase and enter your Apple ID password.

If your device is running iOS7, you will be prompted to enter your phone number and a message that will appear on the device screen.

Of course, if you ever have to wipe your iOS device, you'll want to keep your data so you can recover it later. Luckily, iCloud makes it easy to maintain and restore content.

To turn on iCloud backup, go to Settings, iCloud, Backup & Storage, and then toggle iCloud Backup to On. The service will automatically back up your data as long as your device is connected to Wi-Fi and you turn on Charger and lock the screen.

To restore old content on a new iOS device, select Recover from Reserve copy iCloud".

If the device was already set up before restoring, you can wipe it by selecting Setup, General, Reset, Erase All Content and Settings, and then select Restore from Backup iCloud copy" during installation.

Apple also helps avoid unintentional data disclosure situations. You can turn off geotagging in photos, for example, in “Settings”, “Privacy”, “Location Services”, “Camera”, “Other”.

The Safari browser on iOS provides built-in phishing protection that is enabled by default. This function will display a warning when you visit a site suspected of phishing.

However, you must enable the Activation Lock function:

http://support.apple.com/kb/HT5818?viewlocale=ru_RU

However, it is worth remembering that this protection is rather a “fool-proofing”. Experienced burglars can still reset everything. Another important point: you cannot install a jailbreak, this will VERY significantly reduce the level of security.

How to protect your Android phone or tablet

The Android operating system provides four various methods locking your phone or tablet, which can be enabled in “Settings”, “Security”, “Lock screen” (the menu depends on the phone).

Protecting information on Android devices with built-in tools

Let's look at what you should protect and from whom.

What are we protecting?

Account information. If you have set up synchronization with Facebook, Dropbox, Twitter, accounts and passwords for these systems are stored in open form in the phone profile folder /data/system/accounts.db.
History of SMS correspondence and phone book.
Web browser data. Your browser may store your login information on third-party web servers. In case you are synchronizing mobile browser (Google Chrome, Firefox, Maxton, etc.) with a desktop version of the browser, please note that you can access all your passwords from your smartphone (tablet).
Memory card. Typically, photos and video files are stored on the card.

What threatens your smartphone

Theft (loss). I doubt that the finder will need your data. Unless it will be a targeted attack on your enterprise. Although, of course, I will not rule out this option. Most likely, your phone will be reformatted, maybe reflashed.
Protection from curious people. Your children (relatives) or colleagues may want to access your smartphone. Have you ever left your smartphone unattended?
Targeted theft of your smartphone. In this case, only full encryption will save you.
Malware attack.
Phishing attack.

To solve these and other problems, both built-in security tools and programs are used third party developers. Let's discuss some methods of protection.

Built-in security

We will look at built-in security features using an example. Samsung tablet Note 10.1.

Lock the screen of a smartphone (tablet). Unlocking the screen can be done:

By touching the screen (swipe it with your finger) - in fact, there is no protection;
Face recognition (low security level);
Face and voice (low security);
Signature (low security);
Drawing (medium security level);
PIN (medium or high security level);
Password (high security level).

Let's take a closer look at each of the options.

Select "Face Recognition" from the menu. Read the text carefully and continue setting, see Figure 1.

Setting up this menu item is no different from the previous item, so we will not consider it in detail.

In this case, you need to write your keyword(you are asked to write your name) three times, see Figure 2. It is with the help of this word that your device will be unlocked.

The drawing has a medium degree of security. To do this, you need to connect at least four points in the figure in any order (see Figure 3).

Attention! If you forgot the drawing:

The number of drawing attempts is limited - 5 times (in some phone models the number of attempts can reach up to 10).
Once you have exhausted all attempts and still haven't drawn the drawing correctly, the phone is locked for 30 seconds.
The phone asks for the username and password of your Gmail account.
This method will only work if your phone or tablet is connected to the Internet. Otherwise, it will reboot and return to the manufacturer's settings.

PIN – a sequence of numbers, at least four characters. Naturally than longer line numbers, the higher the level of security.

Password is the highest level of security. Contains a combination of letters and numbers. If you use a password for access, you can use the Phone Encryption option.

Encrypting phone memory

This feature is available for smartphones and tablets using Android versions 4.0 and higher. It may not be available in budget smartphone models. You will only be able to use encryption if you have a screen lock set with a password. Using encryption, you can save user data located in the memory of your smartphone (tablet). Please note that the program does not encrypt the SD card. Encryption may take up to 1 hour depending on the device memory, see Figure 4.

Figure 4. Encrypt the device

If you have forgotten your password, then the only solution is to reset to factory settings. Naturally, all user data will be lost.

Disadvantages of encryption:

Available on Android 4.0 and higher operating systems.
Not available on all smartphone (tablet) models. Most often found in phones from Samsung, HTC, Philips. Some Chinese models also have an encryption function. On HTC phones this function is located in the “Memory” section.
The user must constantly enter a rather complex (6-10 characters) password, even if he just needs to make a call.
If you want to remove the protection, you can only do this by full reboot phone, resetting the settings to factory settings.

Encrypting an external SD card

This feature is included in the standard Android 4.1.1 package for tablets. Missing from many budget builds. The function provides reliable data protection on external SD card(see Figure 5). Personal photos and text files with commercial and personal information.

Figure 5. Setting up external SD card encryption

This function allows you to encrypt files on an SD card without changing their names or file structure, while preserving preview graphic files. It requires setting a display lock password of at least 6 characters (at least one digit). When changing the password, automatic re-encryption occurs.

In August 2013, Google finally made it possible to remotely monitor and clear Android devices, eliminating the need for users to use third-party applications for this. Unfortunately, Chrome for Android does not have its own anti-phishing filter. To receive alerts when you visit suspicious sites, you will need to install an antivirus application. Currently available free and paid applications from Bitdefender, Doctor Web, McAfee, Sophos, Kaspersky Lab, etc.

Android is also more susceptible to malware than iOS. Google screens apps much less rigorously than Apple, and as a result, fraudulent apps that secretly install malware often appear on Google Play. Additionally, unlike iOS, Android gives users the option to download apps from third-party sources

Android and iOS – which devices are more secure?

Apple has created perhaps the most secure operating system available on desktops and mobile devices. In six years, 300 million iPhone modules were sold, but not a single case of malware infection of unlocked iOS devices was recorded.

This is not to say that iOS is impregnable. It's just that today it is much more secure than the Android operating system. Even though Android has greatly improved security over the years, there is still a lot that needs improvement. First of all, this is development and installation Android updates to devices.

Of course, I would like to see native anti-phishing tools for Chrome on Android. It would also be desirable to have stricter control of applications on Google Play. Ultimately, however, Android remains less secure than iOS due to basic design principles. It is worth noting that today most malicious applications are developed specifically for devices running Android.

Many modern users are increasingly choosing mobile devices as their main way of communicating with the Internet. With the help of smartphones and tablets, you can now satisfy almost any Internet need. Here you go various applications(Instagram, Twitter, VK, Facebook), built-in camera, and ease of portability of the device. It is not at all surprising that cybercriminals have taken aim at mobile platforms, where people inexperienced in the field of information security are gradually migrating.

Introduction

It should be remembered that the main goal of modern cybercriminals is to make a profit; the times when malware was developed for entertainment or destructive actions are long gone. Consequently, attackers are focusing on methods of making profit through mobile devices ordinary users. But what are these methods, and how can you protect yourself from them? We will look at this below.

Mobile ransomware

Ransomware has become an extremely common class of malware for desktop computers. Given this success, attackers decided to use similar schemes in the case of mobile devices. As a rule, they block the operation of the device, demanding a ransom from the victim, after payment of which they return control of the smartphone or tablet to the user.

Criminals also target call history, contacts, photos or messages, which almost always forces the user to pay the requested amount.

Among the most dangerous examples of ransomware for mobile devices is the first mobile ransomware that uses an accessibility service. The malicious program is equipped with two extortion tools: it encrypts data in the device’s memory and can also change the PIN code to an arbitrary one.

Using the Android Accessibility Service (makes your device easier to use for people with disabilities) is one of the most dangerous innovations adopted by cybercriminals. Thus, attackers successfully attack the most popular mobile platform- Android.

And a lot can be done with the help of security flaws in devices - for example, the Trustjacking vulnerability discovered in April. Trustjacking could be used by luring a user to a site containing a special code.

Sometimes the security measures developed do not help Google corporations and Apple for its Google Play and App Stores. So, on Google Play, experts came across . After installation, the messenger loaded a second application, which collected information about the device’s location, saved calls, audio and video recordings, text message and other private user information.

With the growing popularity of cryptocurrencies, as well as their exchange rate, attackers became interested in miner programs that extract cryptocurrency for the owner at the expense of ordinary users’ devices. In the same Google Play, researchers found legitimate programs, .

The collection of confidential data is also of interest to criminals, so they develop applications like, which can record calls made by a user on a mobile device controlled by operating system Android.

Many people are of the opinion that iOS does a much better job of protecting against malicious applications than its main competitor. Former head of Vladivostok Igor Pushkarev, who is under investigation, somehow. According to Pushkarev, this system is extremely unworthy of protection.

Contactless payments (Tap and Pay)

Have you already heard about NFC (“near field communication”, “near field communication”)? If you explain in simple language, the technology aims to expand the contactless card standard by allowing users to pay for purchases using their mobile device. Thus, a bank account or credit card, which attracts scammers even more.

To steal user funds in case of using NFC attackers resort to the “bump and infect” method, which exploits vulnerabilities in NFC. This method has proven itself in the past, allowing criminals to steal money from citizens' accounts, the use of "bump and infect" is especially common in places such as shopping centers, parks or airports.

Methods for protecting mobile devices from cyber threats

In this section we will not write anything radically new; you have probably already heard all these recommendations before us. However, we'll brush up on the basics. safe work with mobile devices that guarantee ordinary users the minimum security of their information, which is simply necessary in the current situation.

You should remember the following nuances:

Perhaps, if we are talking about ordinary users, it would be useful to install it on a mobile device antivirus program. With constantly developing malware for mobile devices, you need to treat your smartphones and tablets like a desktop computer, which most users will certainly equip with an antivirus from some manufacturer.
Create more complex passwords. If you are still in the habit of using your pets' names as passwords, then urgently change this approach. Create passwords that are at least 8 characters long, and do not forget that they must contain letters, numbers and symbols. It is highly discouraged to use words that are easy to guess - for example, the name of your child or dog.
Keep your software updated. It would also be a good idea to ensure that the programs on your device are current versions, since upcoming updates eliminate certain vulnerabilities that could be used by attackers to gain access to your files.
Check bank statements and mobile payments. Make sure you stay on top of your transactions by regularly checking your mobile payments and bank statements for suspicious purchases made using your mobile devices.

In addition - but this is rather for the paranoid - disable unused functions. For example, it is better to keep GPS, Bluetooth or Wi-Fi turned on only when you are using them. And if possible, do not store personal data (passwords and other credentials) on your mobile device.

conclusions

It is obvious that cybercriminals have long regarded mobile devices as one of their priority targets, and the introduction of technologies like NFC, which make these devices an even more tasty morsel for scammers, adds fuel to the fire. Always remember that attackers are interested in two things: your cash, your personal data (which can then also be sold or used to steal money). Based on this, draw a conclusion about what can be stored on the device and what is better left to more secure platforms.