Organizations that offer employees the freedom of mobility gain some advantages, which can include better productivity or saving workplace costs by allowing employees to work from home, but doing so comes with a few security risks. Keeping enterprise security in mind, organizations need to ensure employee devices are properly managed and secured.
Mobile cyberattacks are evolving every day, especially those aimed at Android devices. With the open nature of Android, attackers can even gain root privileges for a device given the right circumstances. Security researchers at Checkpoint Software Technologies have identified a new set of mobile cyberattacks named Man-in-the-Disk attacks that can infect Android phones and even launch denial of service (DoS) attacks.
What’s a Man-in-the-Disk attack?
Man-in-the-Disk attacks take advantage of the nature of Android OS, specifically how Android allows developers to create apps that use external storage instead of internal storage. We’ll briefly explain why that makes a difference.
Android supports sandboxing, which prevents apps that use internal storage from communicating with other apps. However, the open nature of Android allows third-party developers to develop apps that use external storage. As long as developers use proper security policies for protecting the data stored in external storage, there shouldn’t be an issue. The problem is, many developers, including some big names that may surprise you, have lax security policies when it comes to external storage. Checkpoint found Google Translate, Google Voice Typing, Yandex Translate, Google Text-to-Speech, and Xiaomi browsers were all vulnerable to Man-in-the-Disk attacks.
Every Man-in-the-Disk attack starts out with the hacker tricking a user into downloading a malicious app on their Android device. Once it’s installed, this app asks for permission to access the device’s external storage. If the user grants access, the hacker can then access any files that other apps have stored in external storage. Depending on what other apps save in external storage, the hacker may be able to compromise an app’s files and cause it to crash, modify another application’s code to install a malicious app, or worse.
Preventing Man-in-the-Disk attacks
As mentioned by Google, sandboxing is likely the best option here. But since you can’t control how every app your business uses is developed, the more comprehensive solution to these external storage threats is defining strong security policies at the OS level.
ManageEngine Mobile Device Manager Plus can help with Man-in-the-Disk attacks by giving you the option to unmount a device’s SD card; this prevents apps running on that particular device from using the external storage space. Mobile Device Manager Plus also provides enhanced enterprise mobility management features for devices, applications, and mobile content.
Download Mobile Device Manager Plus now to secure your mobile workforce.