New Enhancements Help Identify Suspicious Mobile Apps and Block Malicious Communications
Kindsight, an Alcatel-Lucent company, has expanded its mobile security offering with anti-theft features and new network-based security scanning.
The company’s Kindsight Mobile Security offering analyzes the mobile device’s network traffic to alert users when malicious apps are being installed, Brendan Ziolo, vice-president of marketing at Kindsight, told SecurityWeek. The company combined network-based malware scanning with device-based security to give users a broader range of protection, he said.
Kindsight Mobile Security is built upon the network-based malware detection engine used in Kindsight Network Intrusion Detection System. Sensors are deployed within the mobile operator network and examine all the data going in and out looking for malware. The Alert Reporting Cluster (ARC) processes all the data being collected by the sensors and sends security alerts to the mobile device owner via email, SMS, or notifications to the mobile app when malicious activity is detected.
The scanner detects when apps are communicating with remote command-and-control servers and blocks them immediately, preventing attackers from stealing data or launching other attacks, Kindsight said. The user is immediately alerted about suspicious network activity and also shown which app may be the culprit so users can quickly take action. Service providers can opt to put infected devices into a “walled garden” or just block the device from accessing the network until it has been cleaned up.
“Our mobile security solution is unique because it combines network-based detection and alerting capabilities with a mobile security app to detect more malware sooner,” Ziolo said. Users can install the mobile app to scans apps before they are installed to make sure they are not malicious and to remove the ones that are.
Because the scanner examines network activity, it can detect threats before on-device security scanners, Ziolo said.
Kindsight Mobile Security also introduced anti-theft features such as remote lock and remote wipe to protect data on the mobile device in case it is stolen or lost. With remote lock, users can assign a PIN to the device remotely to prevent others from accessing contacts, messages, and photos. Remote wipe removes all data from the device so that sensitive data cannot be exposed. Users can also try to locate the missing phone by logging into the service provider’s Website to find out the phone’s last known GPS coordinates. The site also allows the user to sound an alarm so that they could hear it.
“There’s a lack of consumer understanding of mobile device vulnerabilities and threats,” said Jeff Wilson, principal analyst, security at Infonetics. “By deploying early threat detection in their networks and complimentary security apps on mobile devices, mobile operators can offer a complete mobile security solution to their subscribers and differentiate themselves from their competition.”
Mobile service operators can also white-label Kindsight Mobile Security and offer the services to users under their own brand, Ziolo said.