Mobile security is a hot topic – and not just on this blog. Prior to the recent 2012 Blackhat event, ComputerWorld interviewed Kevin Mitnick, one of the most notorius
hackers security professioanls of all-time. Here is a short clip:
Do you believe exploiting NFC vulnerabilities, such as when people pay with their smartphones, have the potential to be goldmines for malicious attackers?
Mitnick: NFC vulnerabilities require physical access to the device, which requires being near the target. Malicious attackers will try to gain remote control of the device instead of having to risk being close to the target. Also, attackers will likely send 100 emails with malicious links to your organization (see KnowBe4.com) instead of attempting to get near the victim. Without any additional security controls with VPN access, smartphones are the easiest way to infiltrate an organization remotely. As such, layers of security are a must! That’s why I believe that zCore IPS adds value as a layer of protection against malicious attackers.
In regard to joining Zimperium’s team, you said, “Mobile devices are the new target-rich environment. Based on lessons learned in the early days of the personal computer, businesses should adopt a proactive approach to mobile security so they don’t repeat the same mistakes that resulted in billions of dollars in economic loss.” What do you think are the biggest security threats on the horizon for mobile devices?
Mitnick: We can see the same issues affecting the computing world. For example, smartphone updates are not rolled out in a timely fashion and the existing users remain exposed.
If you have a horse in the mobile security race, you’d be wise to read the rest of this interview.