Weekly Executive Summary for Week of November 4, 2016

Business Executives Targeted by Spyware

An Android 6.0.1 device owned  by a VP at a global technology company was recently found to contain malware.  Researchers from Skycure, a mobile security company, analyzed this particular malware app, dubbed Exaspy.  While it’s not known exactly how the malware got onto the system, it’s mostly likely that someone with physical access to the device is the culprit.  

Skycure discovered that, once installed, the malware requests admin rights, ask for the license number, hides itself and asks for root access.  Exaspy is able to collect chats sent and received, record audio and telephone calls, collect pictures and take screenshots, collect contacts, browser histories and more.  All of this information is then sent to a remote server.

As the prevalence of mobile devices in our lives increases, so does the amount of sensitive information they contain.  Data breaches can be extremely damaging to companies.  Exaspy is just one of many different applications available for a price that can conduct mobile attacks.  Users need to exercise caution when using their devices; This is especially important when the user is in a higher position of power.  

Some advice to keep devices safe:

• Users should always take care when downloading any applications by making sure it’s from a reputable source.
• Never give permissions to applications that do not require them.
• Periodically check the Android Device Administrators list and disable any untrustworthy components
• Think about Physical Security as well:
  • Set up a PIN code and Fingerprint authentication
  • Disable USB debugging
  • Turn off OEM Unlocking

Sources: Exaspy – Commodity Android Spyware Targetting High-level Executives (Skycure), Android Spyware Targets Business Executives (HelpNetSecurity)

Note: The purpose of the weekly executive summary is to provide useful information that a business or agency could use in both its cybersecurity and business strategies. In order for this website to serve the community we need to know your concerns and questions about (for example) proper safeguards for technology you’re looking into or what sets of compliance and governance policies would you need to operate a particular business. The CSCC openly invites you to send in your inquiries. We’ll have students research your issues and provide an analysis of the information at hand to guide you with all things cybersecurity. Mail us at: uhwocscc@hawaii.edu