"Growing mobile threat requires better trained staff and processes" says expert

Pace of change, BYOD and underappreciated threats provide fertile ground for targeted attacks

  • UK
  • 28th May 2015

In the wake of the recently uncovered DarkHotel attack, which used compromised Wi-Fi networks in 5 star hotels to hack the traditional and mobile devices of visiting high-level executives, "...there is still a lack of awareness of the risks posed by mobile devices," says Raul Siles, a SANS Instructor, a highly respected security researcher and one of the few individuals worldwide to earn the GIAC Security Expert (GSE) designation. "Many organisations have deployed MDM systems and this is a good first step in the right direction but it's not an 'install and forget' situation as the environment is much more complicated than say Windows, OS X or Linux."

Siles highlights three problem areas in the way organisations are managing the threat posed by mobile devices. "The first issue is the threat is often underappreciated as many of these devices move between the private and work life of the user. This challenges organisations to think differently about how to enforce management and security policies on devices that are not under the full control of the organisation."

However, Siles also believes that some of the security enhancements embedded within many mobile device platforms, such as built-in encryption, sandboxed applications and remote management capabilities, although welcomed, may lull organisations into overlooking some of the more pressing issues. "The rapid pace of change within the mobile space is both a blessing and a security curse," he says. "With roughly 1.5 million applications for both Android and iOS, the amount of applications with malicious or unexpected behaviours or even applications that contain basic vulnerabilities is growing and many of the devices are lacking in features to effectively manage significant areas of risk."

The researcher points to a lack of functionality to manage IPv6 and personal firewalls as two sample areas where mobile devices are particularly weak. "Another problem is the lack of skill sets within organisations to properly secure mobile environments and deal with threats," says Siles. "The number of mobile devices in use at some organisations is starting to overtake fixed desktop PCs and laptops, yet budgets for mobile InfoSec training have not kept pace. This is a major issue although we are seeing some improvement especially as examples such as DarkHotel and others come to light."

Siles will be teaching the "SANS SEC575: Mobile Device Security and Ethical Hacking" course in London this July. "This is one of the courses that we update most frequently to match the pace of change in the mobile industry," he says of the course designed to help organisations secure their mobile devices, applications and services by equipping personnel with the knowledge to design, deploy, operate, and assess a well-managed and safe mobile environment.

The 6 day intensive hands-on course teaches attendees how to capture and evaluate mobile device network activity, analyse strengths and weaknesses on each mobile platform, disassemble and analyse mobile code, recognise weaknesses in common mobile applications, and conduct full-scale mobile penetration tests. "We are also seeing more people from development backgrounds attending the course which is welcomed," says Siles. "If you look at many of the recent hacks, they will often stem from vulnerabilities in libraries that are commonly used across families of applications - if we can help developers and integrators build secure apps - then we can certainly mitigate one of the areas of major risk."

The "SANS SEC575: Mobile Device Security and Ethical Hacking" course will run as part of the 'SANS London in Summer' event from July 13th-18th at Grand Connaught Rooms in London's West End. The event includes 10 courses with topics from across the SANS curriculum including Security Essentials, Incident Handling, Penetration Testing, Management and Forensics. For more information or to register, please visit: http://www.sans.org/u/4Mi

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (https://www.sans.org)