Mobile cyberwarfare threats and mitigations: An overview

Abstract

Mobile technologies have transformed rapidly with their rate of adoption increasing for several years. Smartphones, tablets, and other small form-factor devices are integrated in educational institutions, medical and commercial facilities with further military, governmental as well as industrial deployment expected in future. However, the complexity from interconnected hardware and software layers opens up multiple attack vectors for adversaries, allowing personally identifiable data exfiltration, malicious modifications of the device's intended functionality, pushing unauthorized code without user consent, or incorporating it into a botnet. Mobile threat landscape has become the next stage of cyberwarfare. Here, users unable or unwilling to adequately protect themselves make decisions based on information originating from untrusted third parties with potentially harmful intents. Recognizing the situation, a comprehensive array of tools and concepts such as ASLR, DEP, closing the source code, sandboxing, and code validation has been implemented. In this asymmetric security model, developers invalidate novel attack vectors while adversaries employ sophisticated techniques to thwart detection for large-scale penetration. The former are further penalized by heterogeneous base of software versions, some entirely defenseless against recent exploits. The paper presents an overview of techniques in current mobile operating systems and best practices the vendors incorporated to minimize unauthorized third-party modifications. It also aims to provide high-level description of exploits malware creators use to target users who, as we further postulate, underestimate capabilities of their devices. Best practices for safer use are briefly outlined, too.