Monday, March 4, 2024

How iPhone Provides a Backdoor Into Your Business Data

One of the biggest benefits iPhone users cite for their choice of device is that it has better security than the ubiquitous Android. However, that very security may well prove to be a vulnerability in itself.

Whilst it is true that in many ways iOS is more secure than other operating systems, it isn’t without its flaws, and it is by no means immune to poor user behaviour.

The fact that the iPhone is so secure also leads users into a false sense of security, which in turn, ironically, makes it more vulnerable to attack!

iPhones aren’t invulnerable

In many ways, the iPhone is more secure than Android.

The locked-down nature of the OS and the closely guarded nature of information mean that the likelihood of an attack is reduced.

By restricting access to app developers, Apple has been able to ensure that every download is properly scanned for vulnerabilities.

Android devotees would point to the fact that there are many fewer Apple devices in circulation, which makes them a lower priority for malicious attack, although given that some 15 million iPhones were sold in the US alone in 2020, that seems like grasping at straws.

But all that having been said, Apple has still had its problems. The latest of these, the Apple Wireless Direct Link (AWDL) vulnerability, requires no direct intervention from the phone user.

AWDL, which allows users to transfer files over WiFi, allowed malicious users to gain control of the code of the phone and even use the microphone and camera.


Thankfully now fixed, the threat was sufficient to force Apple to actually admit to the vulnerability, something it generally tends to shy away from.

The User Aspect

Arguably one of the main issues with the iPhone is owners’ perceptions of the level of security that is inherent in the device.

Sure, the iPhone is secure, but it can’t protect against every eventuality and user error is certainly one area ripe for exploitation.

The main problem is the user who hasn’t encountered any problems themselves, or who has heard talk of iPhones being immune to attack, and whose behaviour changes as a result.

People who feel secure tend to take more risks, as in the case of the Cypres device designed to save skydivers from no-pull deaths.

In a no-pull death, the skydiver fails to pull their ripcord or does so too late. The Cypres device was designed to eliminate this but actually failed to reduce the number of fatalities.

The reason was that people became used to the reduced risk and in turn began taking more risks to compensate, thinking that they would still be safe.

In the same way, a user who has never experienced a malware attack and has heard that their phone is invulnerable will often have no hesitation clicking on a suspect link or downloading an unverified app.

What does this mean for business?

In today’s interconnected world there often is no alternative to allowing user devices to connect to your systems. The advent of the pandemic has exacerbated this as people work at home more often and connect in from more and more remote locations.

There’s good evidence that the trend towards remote working will continue and many companies are actively seeking to reduce desk space in their main offices, meaning that we can expect people to be connecting using all sorts of different WiFi, many of them unsecured.

A user who has downloaded malware, or has a device that has been compromised, will present a very real threat to the company’s main systems.

The first threat is that of a virus being introduced to other parts of the company network, which could result in a security or data breach or even a ransomware attack.

As users connect in from a compromised location they could end up being spied upon or having their passwords compromised through keylogging or man-in-the-middle attacks.

This could result in a situation where the business spends all of its time trying to prevent more spectacular attacks such as DDoS, yet falls prey to a simple password and username hack.

In truth, it doesn’t matter what level of security a device has if the user ends up falling prey to phishing and spear-phishing attacks!

The thought that a business could lose cash from an attack on its bank account, customers through the reputational damage of a data breach, or systems access due to a ransomware attack should be enough to make any business owner take action.

What can the business do about it?

The first thing to do is to make sure that your users download updates and apply patches as soon as they are released.

Manufacturers like Apple spend a lot of time and money making sure that their OS is secured against attack, but that can’t help if the device user refuses to update!

The second line of defence is to make sure your employees are connecting in a secure way.

Whilst we all know the risks of using public WiFi, it is also true to say that many home networks are just as vulnerable. With home routers now much more powerful than ever before, it is a simple matter for a cybercriminal to park on a residential road and have access to several unsecured networks at a time.

Using an iPhone VPN will secure the employee’s connection and encrypt any data sent over the web.

A VPN makes sure that the connection can’t be intercepted and, as a result, that malware can’t be downloaded onto the iPhone. It stops keylogging and man-in-the-middle attacks too.

Finally, employee education is vital.

Making sure that people understand that just because they have an iPhone doesn’t mean they are invulnerable is ultra-important.

Educating people about the ways that phishers work and why they need to update their phones is a simple, cheap and very effective way of reducing risk.

Protecting a business against unauthorised access is in many ways very simple, can be achieved for very little money and, given the damage that could be done, makes total sense.
