Zimperium Blog

Cutting Through The Weekly Mobile Security Noise: Lesson Learned

This week we’ve learned that sometimes even the most sophisticated cyber-attacks are executed with surprisingly simple techniques. Recent headlines serve as a healthy reminder of the importance of implementing best practices to help prepare, educate and protect your business from becoming the next data breach victim.

This week we’ve been monitoring stories around the methods behind the Tesla cyber-attack, malware threats linked to unlicensed software, zombie apps haunt workplaces and hackers steal millions from Ryanair’s bank account.

Hackers used a surprisingly simple method to access Tesla’s website and Twitter account-Business Insider

Last week, Tesla Motors reported that their company website and Twitter accounts had been attacked by a group of hackers. The homepage displayed images and a message from the hacker group called “Autismsquad.” What’s interesting about this particular hack was how these hackers gained access to Tesla’s accounts so easily. SecurityWeek spoke to a Tesla spokesperson who explained that the hackers called AT&T customer support and pretended to be an employee of Tesla and demanded all phone calls be sent to a new fake phone number. The hackers did the same thing with Tesla’s email account as well. Business Insider noted that a day after the hack Tesla’s website and Twitter were back to normal, but that it’s “a good lesson that sometimes sophisticated hacks are carried out using the simplest of techniques.”

Businesses need to recognize the malware threat from unlicensed software

A recent BSA study found a clear and direct connection between unlicensed software and malware. Chloe Green, a reporter for InformationWeek discussed how today’s businesses are trying to understand the latest vulnerabilities and attacks so they can come up with the best solution to protect their customers. According to the article, businesses have put protection from malware at the top of their risk agenda. “In the past year, 43% of companies experienced a data breach. The average organization experiences a malware event every three minutes, and the costs of dealing with that malware can be astronomical.” While controlling malware might sound like a simple task, only 30% of companies have policies when it comes to dealing with unlicensed software. This reinforces the importance of implementing best practices to help prepare, educate and protect your business from becoming a breach victim.

Zombie apps haunt BYOD workplaces

A recent survey of around 3 million apps on employee smartphone found that 5.2 percent of iOS apps and 3.9 percent of Android apps are actually dead, removed from their respective app stores and no longer supported, In CSO’s coverage of the report they noted that almost every enterprise company studied had encountered at least a few zombie apps on their devices, making it a more widespread issue than mobile malware.

Hackers steal nearly $5M from Ryanair’s accounts

Among the warnings of hackers eventually hitting commercial airlines, this week hackers staged an attack on Ryanair. According to SC Magazine, hackers stole nearly $5 million from the airlines business bank account. The funds were believed to be the airline’s budget for fuel for its planes. The article reported that the money was transferred electronically to a bank in China. “The airline has been working with its banks and the relevant authorities and understands that the funds – less than $5 million – have now been frozen,” Ryanair said in a statement, according to The Guardian. “The airline expects these funds to be repaid shortly, and has taken steps to ensure that this type of transfer cannot recur.”