There have been at least 4,000 documented uses of IMSI-trackers by Baltimore Police Department and 1,000 uses by the New York Police Department, according to Wessler.
Mobile threat detection solutions
The market for messaging and voice protection technology is crowded and characterised by a diverse set of offerings that address different verticals and uses. Most IT vendors offer mobile voice protection only to certain pockets of the population and focus on voice encryption, while texting solutions are provided for the entire workforce, according to a July 2016 report from Gartner.
Gartner, in a report, recommended that companies "gradually add MTD systems to the organisation to mitigate attacks, emphasising integration, and avoid long-term contracts."
Companies considering MTD products and secure mobile communications (SMC) technologies have to decide if they need them for employees who travel in untrusted regions or use untrusted networks, and whether sensitive data is vulnerable in those situations. They should also consider any regulatory requirements to protect voice and text messaging or text archives based on a comprehensive risk-based approach, rather than simply covering spot regulatory needs, according to a Garner report.
Gartner recommends finding a provider that can partner or integrate with current EMM suites.
MTD tools protect mobile platforms by addressing threats to devices, OSes, networks and apps, protecting organisations on various mobile platforms, including iOS, Android and Windows 10 Mobile. MTD solutions, Gartner said, provide security at one or more of the following four levels:
- Device behavioral anomalies that track for variations from expected and acceptable use patterns.
- Vulnerability assessments that inspect devices for configuration weaknesses that will lead to malware execution.
- Network tools to monitor traffic and disable suspicious connections to and from mobile devices.
- App scans that can find "leaky" apps that put enterprise data at risk and malicious apps (spotted by reputation scanning and code analysis).
The techniques used in MTD are still maturing, and the mobile platforms they run on are also rapidly evolving. Many of IT products in the MTD market come from small, innovative companies.
A number of IT vendors sell secure smartphones, such as GSMK, or software, such as Rosberg Systems AS and Verizon's Voice Cypher Ultra, that use various technologies, such as encryption, to thwart IMSI-catchers from viewing mobile data and voice transmissions.
MTD architectures vary but typically involve an agent residing on a mobile device, as well as a server component that aggregates findings, Gartner said. MTD systems use various methods to gather intelligence about mobile threats and attacks. Crowdsourced threat intelligence analysis is a prevalent method, with a server component that's often cloud-based. Crowdsourced threat intelligence can also be collected from consumers that install a basic version of the app on their device.
Sign up for Computerworld eNewsletters.