A number of threats in the wild today can threaten endpoint security and cause data leakage from within a corporate network.
Security expert Manish Gupta told Dark Reading contributor Robert Lemos that cybercriminals will increasingly target mobile endpoints as an access portal for data leakage.
“Fundamentally, we believe that hackers have no restrictions on what they use for an infection vector,” Gupta said. “They use what works, so mobile will be an increasing vector of choice.”
One recently popular threat is the back-door Trojan, which can pose a significant danger to a company’s banking information, according to The Register. The news source stated that back-door Trojan malware samples totaled 17,000 in the second quarter of 2013, comprising the largest portion of all mobile malware.
An example of this kind of malware is the Backflash program affecting Android endpoint security. This Trojan is similar to a copycat attack, in that an icon resembling the Adobe Flash logo is installed on an infected endpoint, which then opens a backdoor into the system for hacker access.
In order to prevent backdoor Trojans and other types of endpoint threats, The Register recommended that organizations encrypt sensitive data on all devices. Additionally, enterprises should install data loss prevention software on network endpoints. This technology allows administrators to remotely wipe data from a device, a handy feature in the event of a lost or stolen device, as well as preventing data loss from ex-employees.
Lemos also suggested enterprises utilize mobile device management software on endpoints with approved access to a corporate network. Using this technology, administrators can further ensure the safety of the corporate network by limiting the types of applications that can be downloaded. Mobile device management software only allows downloads from the major app stores, and can protect an endpoint from threats like the Backflash malware.
In addition, organizations should keep a close eye on network traffic. Any suspicious connections should be terminated to prevent risk of a network infection that can lead to data leakage.