Mobile Security

Why and How Businesses Should Apply It

Ali Nikouei

ali@baaroo.org PGP: 0x1BEA47DE32024C74

VNO/NCW

Sep 2016 - The Hague

This presentation is published with under

Who May Surveil a Businessperson?

  • Competitors
  • Politicians
  • Governments
  • Cyber Burglars

    But in Iran you may face a hacking attack from a combination of the possibilities mentioned above. Yes, the Iranian Cyber Army (ICA) is watching you, as other countries do, but Iran likes to show it off!

How ICA Hacks!

  • Social Engineering
  • Phishing
  • Identity Theft
  • Remote Access (e.g. RAT)
  • Suspending Accounts (by reporting)
  • DDoS
  • Brute-force
  • Defacing
  • Person(man)-in-the-Middle
  • Session Hijacking

Mobile Malware Statistics by 2016

Number of New Malware (Source)

OS Distribution (Source)

A sample; just one in millions

Balthasar Glättli, member of the National Council for The Green Party in Switzerland, has provided OpenDataCity with parts of his retained data covering six months for this visualization.

Open Data City

Another one; profiling

IranSec profiled 20 accounts on Twitter in 2015 and, through these accounts, reached 12000 possible ICA accounts. After filtering these 12k accounts, 300 accounts that probably work for ICA were profiled.

Mobile Network in Iran

Mobile Penetration Rate: 90%

Who Owns the Market?

The Constitution (Article 150) defines IRGC as the "guardian of the Islamic revolution and its achievements". In September 2009, the government sold 51% of the shares of National Telecommunication Company to Etemad-e Mobin Consortium, a group affiliated with IRGC.

Phishing Campaign Targeting 2200 Icons

An Iranian hacking group targeted 2197 persons of interest (216 successful attacks) by means of malware infection, supported by phishing campaigns, from May 2014 until Oct 2015.


Who Got Targeted?

  • High-ranking defense officials
  • Embassies of target countries
  • Academic institutions and scholars
  • Iranian researchers, human rights activists, media and journalists

In some cases the attackers tried to breach the account of a relative or colleague of the real target.

Check Point, Citizen Lab, SkyClear Security Co.

Some Questions

  • Is it possible to track a person through an old-fashioned cell phone?
  • Is it secure enough to have the lock-screen on the device (including fingerprint)?
  • Is it wise to trust a person who introduces himself as a journalist or a police officer?
  • Should I buy a VPN account in Iran to be able to connect to the internet?
  • Is it safe to connect to the internet through the network of organizations in Iran?
  • How should I charge my cellphone when I've forgotten to grab my charger?

Mobile Threats Evolution

Which Data is more Delicious?

What Are the Main Threats?

How Session Hijacking Works!

Leading Factors in Computer Threats


Source: Cyberthreat Defense Report 2015

A way to wipe the data on our stolen devices

Important Tips to Increase the Safety of Mobile Devices

  • Disable geo-location if it is not needed
  • Disable NFC and Bluetooth if they are not needed
  • Don't install unnecessary apps, especially from untrusted stores
  • Don't "Root" or "Jailbreak" your phone if you don't know what they are
  • Be careful of Drop Downloaders
  • Use VPNs, but only the safe ones
  • Installing anti-malware and anti-theft tools is wise
  • Encrypt your device
  • Update your device frequently
Having an old-fashioned cell phone or an isolated smartphone is strongly recommended

Why are we not ready for the Internet of Things (IoT)?

we mind your

security & privacy

You shouldn't be worried when relying on a group of experts