Definition

mobile device attack

A mobile device attack is an exploit targeting handheld communications devices, such as smartphones and tablets.

Ed Skoudis, founder and senior security consultant of InGuardians, a security consulting firm, describes one scenario: "Bad guys are going to the Android Marketplace, pulling down an app, building a backdoor into it and selling it in another Android app store for a lower price."

As with other types of device attacks, the ultimate target is usually a network rather than the device itself. If a corporate network is not secure, access can be simple. Errata Security CTO Dave Maynor described a potential exploit: An attacker mails an iPhone with a high-capacity battery to the target organization. If the corporate network allows ad-hoc connections for employee's wireless devices, the attacker can connect to the network and access any information available to authorized users.

To protect the corporate network from such attacks, Skoudis recommends that corporations develop mobile security policies and evaluate mobile apps before allowing them. Skoudis also recommended that businesses develop a robust, secure wireless infrastructure, with a segmented wireless network dedicated solely to any mobile devices not deployed by the enterprise.

 

This was last updated in August 2012
Contributor(s): Eric B. Parizo, Ivy Wigmore
Posted by: Margaret Rouse

Related Terms

Definitions

  • POODLE attack

    - A POODLE attack is an exploit that takes advantage of the way some browsers deal with encryption. POODLE (Padding Oracle On Downgraded Legacy Encryption) is the name of the vulnerability that enabl... (WhatIs.com)

  • POODLE (Padding Oracle On Downgraded Legacy Encryption)

    - POODLE (Padding Oracle On Downgraded Legacy Encryption) is a security flaw that can be exploited to conduct a man-in-the-middle attack that targets Web browser-based communication between clients a... (SearchSecurity.com)

  • Trusted Platform Module (TPM)

    - A Trusted Platform Module (TPM) is a specialized chip on an endpoint device that stores RSA encryption keys specific to the host system for hardware authentication. (WhatIs.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About mobile device attackPowered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.