Online Training Summer Special: Get a 12.9" iPad Pro, Surface Pro, or $350 Off with OnDemand or vLive


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

"Growing mobile threat requires better trained staff and processes" says expert

Pace of change, BYOD and underappreciated threats provides fertile ground for targeted attacks

  • UK
  • 28th May 2015

In the wake of the recently uncovered DarkHotel attack which used compromised Wi-Fi networks in 5 star hotels to hack the traditional and mobile devices of visiting high-level executives, "...there is still a lack of awareness of the risks posed by mobile devices," says Raul Siles, a SANS Instructor and a highly respected security researcher and one of the few individuals worldwide to earn the GIAC Security Expert (GSE) designation. "Many organisations have deployed MDM systems and this is a good first step in the right direction but it's not an 'install and forget' situation as the environment is much more complicated than say Windows, OS X or Linux."

Siles highlights three problem areas in the way organisations are managing the threat posed by mobile devices, "The first issue is the threat is often underappreciated as many of these devices move between the private and work life of the user. This challenges organisations to think differently about how to enforce management and security policies on devices that are not under the full control of the organisation."

However, Siles also believes that some of the security enhancements that are embedded within many mobile device platforms such as built-in encryption, sandboxed applications and remote management capabilities although welcomed may lull organisations into overlooking some of the more pressing issues, "The rapid pace of change within the mobile space is both a blessing and a security curse," he says, "With roughly 1.5 million applications for both Android and iOS, the amount of applications with malicious or unexpected behaviours or even applications that contain basic vulnerabilities is growing and many of the devices are lacking in features to effectively manage significant areas of risk."

The researcher points to a lack of functionality to manage IPv6 and personal firewalls as two sample areas where mobile devices are particularly weak. "Another problem is the lack of skill sets within organisations to properly secure mobile environments and deal with threats," says Siles. "The number of mobile devices in use at some organisations is starting to overtake fixed desktop PCs and laptops, yet budgets for mobile InfoSec training has not kept pace. This is a major issue although we are seeing some improvement especially as examples such as DarkHotel and others come to light."

Siles will be teaching the "SANS SEC575: Mobile Device Security and Ethical Hacking" course in London this July. "This is one of the courses that we update most frequently to match the pace of change in the mobile industry," he says of the course designed to help organisations secure their mobile devices, applications and services by equipping personnel with the knowledge to design, deploy, operate, and assess a well-managed and safe mobile environment.

The 6 day intensive hands-on course teaches attendees how to capture and evaluate mobile device network activity, analyse strength and weaknesses on each mobile platform, disassemble and analyse mobile code, recognise weaknesses in common mobile applications, and conduct full-scale mobile penetration tests. "We are also seeing more people from development backgrounds attending the course which is welcomed," says Siles, "If you look at many of the recent hacks, they will often stem from vulnerabilities in libraries that are commonly used across families of applications - if we can help developers and integrators build secure apps - then we can certainly mitigate one of the areas of major risk."

The "SANS SEC575: Mobile Device Security and Ethical Hacking" course will run as part of the 'SANS London in Summer' event from July 13th-18th at Grand Connaught Rooms in London's West End. The event includes 10 courses with topics from across the SANS curriculum including Security Essentials, Incident Handling, Penetration Testing, Management and Forensics. For more information or to register, please visit:

Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 60 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates a practitioner's qualifications via over 30 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (