3.5 Given a scenario, troubleshoot mobile OS and application security issues
Common Symptoms
Signal Drop/Weak Signal
Weak signals are always the culprit behind signal drops. As you move further away from the signal source, it will get weaker and weaker.
A bad guy will try to listen for the wireless signal broadcast in an attempt to collection information.
That’s why you should keep your signal strength low!
The lower the radio wifi frequency, the farther the signal will travel ; and the high the frequency, the less the signal will travel.
Newer wifi protocols are coming built with higher frequencies for speed and security.
Power Drain
While applications and normal usage can contribute to power drain, another offender could be malware or a virus.
If your power is draining fast, you need to investigate for malware by using these techniques
Check RAM
Check CPU usage
Finally, if you believe that malware is to blame for your power drainage; run an antivirus/anti-malware scan to check it thoroughly.
Slow Data Speeds
Slow data speeds can be caused by too much interference.
Try changing the channel on wi-fi routers to less used-channels like 5GHz (5GHz is less susceptible to external interference sources, like microwaves.)
You can use specialized tools such as a Wi-Fi analyzer to help you diagnose the airspace for interference and high utilization, as well as determine the strength + quality of the wireless signal.
This tool lets you see what’s going on in the airspace.
Use mobile device firewalls
These applications don’t just keep traffic out of a device, they keep traffic in as well.
They prevent any application traffic from leaving the device unless it is previously authorized to do so.
Unintended WiFi connections
Auto connecting to wi-fi connections can sometimes create security problems.
Evil Twin Attack
An attacker creates a WAP with the same exact SSID that the user is used to connecting to.
The user then connects to the phony SSID and unknowingly gives the attacker access to their device.
Aka a Man-In-The-Middle attack
Unintended Bluetooth pairing
When anonymous devices are allowed to connect to Bluetooth-enabled devices, this is known as unintended blue tooth pairing, and it represents a security threat.
If this does happen, the device paired can gain access to your
contacts
calendars
credit card information
Run an antimalware scan on your device to remediate
Disable bluetooth when not in use.
Leaked personal files/data
When users gain access to unintended connections or attackers gain access to unauthorized devices, they can potentially gain access to the data on the device. To combat any personal data or files from getting leaked, a layered approach to security is required.
Security related to mobile devices should be applied in a layered approach.
1.) Anti-malware software should be installed on the device to protect it from malicious applications
2.) A mobile firewall should be installed along side the anti-malware software
3.) MDM (Mobile Device Management) should also be deployed
This software can force phones to require passcodes, install antivirus software, configure mobile firewalls, push updates, and remote wipe the device if it becomes compromised.
A written policy on how to deal with data leaks should also be required.
Determine the cause for the data breach, factory reset, and check online data sources to see if your data appears
Data transmission over limit (LTE going over your contract limit without you knowing)
If you notice that your phone is constantly going over your contractional agreement amount of data, this may be a security problem.
Malware likes to send spam and spread itself across the internet, and by doing this, it uses a large amount of your hard earned data!
This can be mitigated in two ways
Figure out what your normal amount of data usage is on a monthly basis. Look out for any abnormal amounts of data being used.
Use a mobile device firewall, which limits the traffic leaving the mobile device. This will stop malware from using your data because it stops all data from leaving your phone completely.
Unauthorized Account Access
Unauthorized account access can give users access to personal files and data even though they shouldn’t have access to them to begin with
The most common form of an unauthorized accessed account is Email.
This becomes very problematic due to the fact that emails are used 95% of the time to reset passwords
An audit log of every login to an account should be kept at all times, and reviewed for suspicious activity.
If an account is logged in during regular business hours, then there’s nothing really to see or worry about.
But if an account is logged in at the same time from two different locations, then you need to investigate.
Unauthorized Location tracking
Turn this off whenever it’s not being used by an app.
Being tracked is not fun.
Run an anti-malware scanner, perform a factory reset.
Unauthorized camera/microphone activation
Cameras and microphones can be activated remotely and allow malicious individuals to spy on you.
When not in use, the microphone and camera should be covered to keep attackers from spying you and gaining valuable data.
Run an anti-malware scan
High Resource utilization
High resource utilization can be a telltale sign that a device is running more than you think it should be.
Maybe your phone’s drive is being accessed and the camera is constantly recording your every move.
Monitor for any abnormally high resource usage.
Want to print your doc? This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
