Client: Bruce Hettema
Originally published by Information Security Buzz.
By Mike Cobb, Director of Engineering at DriveSavers
Did you know that Pokémon Go, the smartphone app that became an overnight worldwide sensation, could actually provide cybercriminals an entry point to your business and personal files? Company security directors were already wringing their hands over employees who mix their work and private information on the same phone. Now, with the Pokémon Go phenomenon, comes another threat—malware.
Malware added to the treasure hunt game’s software may give hackers remote control access to everything onboard and the BBC recently reported that Iran had become the first country to ban the game, citing unspecified “security” risks.
However, Pokémon Go isn’t the first mobile application to provide hackers an entry point to access files. Earlier this year, a security firm found that between 75 and 80 percent of the top free apps on Android or iPhones were breached and that number increases to 97 percent among the top paid apps. Almost any type of malware can be disguised as an add-on to Pokémon Go and installed, or even as Pokémon Go itself, but it’s likely the game’s popularity that made it a target for cybercriminals.
With more and more people using smartphones for business, what can be done to prevent wrongdoers from using popular mobile programs, like Pokémon Go, to access corporate and personal files? There’s a role that both consumers and IT departments can play.
Tip #1: Outline Device Policies
A company’s BYOD or company device policy should clearly outline the level of restrictions that need to be put on apps. This policy should also include preferred browsers, app stores and security tools.
In addition, IT managers can prevent cybercriminals from using gaming and other apps to access files on BYOD or company-owned devices by blocking unverified servers. This may prevent the download of any apps that are not specifically allowed by IT.
Tip #2: Ensure Users are Downloading the Correct App
Many problems with Pokémon Go were traced to game downloads from third-party sources, where mal-intentioned software writers have posted tainted code posing as authentic gameware. These copycat apps and add-ons have similar names, but no direct connection to the game and can lead users to an entirely different and unsafe location. At one point it was reported that suspect software was removed from the Google online marketplace, but more such apps are being developed and sold even through trusted marketplaces every day. Any download from anywhere should to be vetted before installation.
For users looking to add new apps and avoid malware, the best place to start is by only downloading programs from Google Play (on an Android) or the AppStore (on an iPhone). Both of these stores review apps before making them available for purchase and have been successful at weeding out most (but not quite all) malware. Advise company users not to download apps from any third-party stores.
Educate company users on the value of knowing the maker of an app before downloading anything. For example, Pokémon Go is made by Niantic Inc., so any downloads of Pokémon Go or related add-ons should be made by Niantic Inc. We don’t recommend downloading any apps in either Google Play or the AppStore where the maker doesn’t match what you’ve read or heard about.
Tip #3: Understand Your Permissions
Some download requests want blanket access to everything on a user’s system. Users should always review what information the app really needs before downloading anything from any source. Be extremely wary of requests for personal information, like an email account or access to contacts.
In the case of Pokémon Go, the app uses your camera and location to play the game. However, if the app were to ask for something that doesn’t make sense or something the user isn’t comfortable allowing, we recommend saying “no” and deleting the app.
When in Doubt: Power Down
An important note for IT departments to share with people at their companies: If an app causes trouble, remove the phone’s battery to stop it from functioning. If the affected phone is an iPhone with a battery that cannot be removed, hold down the Home and Power buttons at the same time until the device turns off.
After powering the phone on again, immediately delete the troublesome app. Often, these malware apps do not show an icon on the home screen, so it may need to be found in settings and deleted from that location.
If the harmful app cannot be deleted, a factory reset may be necessary. Hopefully, the phone will have been backed up prior to the reset. IT should regularly advise backup strategies for important data in case of malware, damage to a device or other data loss situations.
About Mike Cobb
Mike Cobb is the Director of Engineering at DrivesSavers and manages the day-to-day operations of the Engineering Department including the physical and logical recoveries of rotational media, SSDs, smart devices and flash media. He also oversees the R&D efforts for past, present and future storage technologies. Mike makes sure that each of the departments and their engineers are certified and that they continue to gain knowledge in their field. Each DriveSavers engineer has been trained by Mike to ensure the successful and complete recovery of data is their top priority. Mike Cobb has a B.S. degree in Computer Science from the University of California, Riverside. Since joining DriveSavers in 1994, Mike has worked on all aspects of engineering as well as heading the Customer Service Department for several years. Prior to joining DriveSavers, Mike gained invaluable experience creating mirroring and compression products while working at Golden Triangle Software in the early 1990’s.
Read more: http://www.informationsecuritybuzz.com/articles/pokemon-go-latest-byod-threat/