Identifying the Threat
Several mobile devices, like smartphones, have many potential entry points for a compromise. A compromised mobile device can provide a wealth of information to an attacker. Due to their ultra portability, short-range devices such as Bluetooth, Infra-red and Wi-fi are more viable avenues of exploitation.
Potential Threats from Compromised Mobile Devices
- SMS messages give an attacker the ability to search for your passwords and/or perform unauthorized financial transactions.
- Emails give an attacker the opportunity to access your private corporate information such as credentials and password reset links.
- Phones: Low-level access to your hardware allows an attacker to record or listen to your voice conversations.
- Social Networking: Attackers pose as you, allowing the retrieval of your personal information and your social contacts.
- Operating system vulnerabilities.
- Physical access to lost, stolen and/or unattended devices.
- Video/Photo: Low-level access to your hardware provides an attacker with the ability to retrieve video and/or photos from your phone to provide details of its surroundings.
- Built-in GPS or GSM antennas allow attackers to identify the location of your mobile device.
- Attackers are able to access documents stored on your device, including email attachments such as PDF files, Microsoft® Office files, credentials, encryption certificates, internal videos and e-books.