Lessons learned from the latest WhatsApp hack

We were once again reminded that mobile devices, the one thing most of us never leave home without, are vulnerable to attacks. And once again, private individuals were attacked.

Several news organizations reported on Monday, May 13, that attackers exploited a vulnerability in WhatsApp, the popular global messaging app installed on 1.5 billion devices worldwide, and successfully installed spyware on several victims’ devices. Unbeknownst to the victims, the attackers obtained complete access to everything on the their mobile devices:  personal and corporate information, email, contacts, camera, microphone, and the individual’s location.

WhatsApp is encouraging customers to update their apps as quickly as possible, and to keep their mobile operating system up to date.

Remarkably, the attackers used the vulnerability to insert malicious code and steal data from Android and iPhone smartphones simply by placing a WhatsApp call, even if the victim didn’t pick up the call. The spyware erases all logs of the call so that victims remain unaware that their device has been hacked.

The WhatsApp hack illustrates that despite their best efforts, Apple and Google cannot completely secure the users of mobile devices running their operating systems. In order to ensure users are properly protected, a mobile threat defense solution must be in place that can prevent spyware from gathering intelligence on their targets. The solution involves multiple steps:

• Identifying advanced rooting and jailbreaking techniques
• Detecting unknown malware
• Preventing malicious outbound communications to command and control servers

All the steps above must be enabled to best prevent sophisticated attacks like the WhatsApp hack. If spyware is simply detected after infecting the device it is too late. It is paramount to ensure that the attack is prevented before it actually infects the mobile device. If, however the device becomes infected, it’s critical that no data be exfiltrated from of the device.

Protect your enterprise and users from sophisticated mobile cyberattacks like the WhatsApp attack with SandBlast Mobile.

Check Point’s 2019 Security Report

2018 introduced a challenging threat landscape. Threat actors consistently improved their cyber weapons, adopted new methods and adapted their attacks to emerging technologies. And although it may have seemed the past year was quieter, this is far from the case.

In the 2019 Security Report we review the latest threats facing organizations in the fifth generation of the cyber landscape and provide you with our observations and insights from the past year.

These attacks can be characterized as more stealth like and targeted. Whether carried out by cyber criminals or nation states, the targeted attacks of 2018 revealed that financial and espionage motivations are not the only driving factors. With more attacks that shut down entire organizations, ‘boutique’ ransomware attacks were a strong trend during 2018 as was the rise of crypto-jackers, that infected 10 times more organizations than ransomware but only 1 in 5 IT professionals are aware they were affected.

We also review of the predictions made in our 2018 Security Report and assess to what extent these proved accurate. Along the way we provide cutting edge analysis from our in-house experts to arrive at a better understanding of today’s threat landscape.

We then take a look under the hood of today’s cyber crime world and show how this ecosystem remains a core part of the cyber threat landscape. Whether it is ransomware, banking trojans, key-loggers or cryptojackers, we look at what these malware types are and how they are now more accessible to potential cyber criminals due to Malware-as-a-Service (MaaS) services. This is the age of the democratization of cybercrime.

We then hone in on how threat actors are able to keep one step ahead by targeting the weakest points in an organization’s IT infrastructure – the cloud, mobile and IoT. Indeed, these platforms offer a threat actor a much higher chance of success and fewer obstacles to overcome due to them being far less protected. However, 65% of IT professionals still underestimate the damage caused by attacks on the Cloud.

As a result, their profits can often be higher due to more private data stored on mobile devices and larger databases and resources held in the cloud. So with account takeovers becoming increasingly common, and the introduction of GDPR in 2018, potential data breaches and other attacks are simply too costly to ignore.

The report concludes with predictions for 2019 and how we think the cyber threat landscape will evolve in the year ahead, looking specifically at the categories of Cloud, Mobile, Network, AI, IoT and Nation State attacks. And finally, to stay ahead of these trends and predictions, we conclude with some expert recommendations and requirements that organizations should adopt in order to prevent fifth generation cyber attacks.