Mobile devices like iPads, iPhones and Android phones and tablets are increasing in popularity every month. Whether personal and using it for occasional work access (BYOD) or GFE devices, almost every organization is being impacted by this trend.
In this talk, we will describe the current threat landscape for mobile devices. This includes recent wellknown threats like Monokle, Project Zero, and the Checkra1n Jailbreak but also examples of some lesser-known threats. And how those threats can impact federal agencies and organizations. We will discuss BYOD trends and how simple it is for users of mobile devices to sideload applications on both Android and iOS devices (even without jailbreaking) that significantly increase the risk level. We will also describe some of the other threats to the mobile user such as phishing attacks, app exploits, and SDK abuse.
Finally, we will describe malware economics and how solutions can leverage automation techniques such as machine learning for mobile malware identification, and scalability. We will also discuss considerations to manage optimizing for false positive/negative alerting.