Enterprise threat dubbed HospitalGown infests thousands of apps
|Richard Harris in Security Tuesday, June 6, 2017|
Mobile backend enterprise security threat, dubbed HospitalGown, identified by Appthority.
Data leakage, especially leaks of personally identifiable information (PII), significantly increase the risk of spear phishing, brute force login, social engineering, and data ransom attacks on enterprises with employees, partners or customers that currently or have ever used the compromised apps. Appthority has reached out to the mobile application developers, app stores, and hosting providers associated with the data leaks.
“HospitalGown poses a direct risk to enterprises, opening them to an easy breach, exfiltration of sensitive data, and the costs from remediation, lawsuits, compliance infractions and loss of brand trust,” said Seth Hardy, Appthority Director of Security Research. “No amount of on-device application security can make up for relaxed security where the application stores user data. A breach at the backend takes the magnitude of the threat from being focused on a handful of devices to a much broader exposure for an entire enterprise, which could result in big data leaks or ransom of sensitive data.”
The Appthority Mobile Threat Team (MTT) discovered HospitalGown using an innovative backend scanning technique, added as a new component to the company’s dynamic mobile app analysis. Using this technique, the MTT analyzed the network traffic of over a million enterprise mobile iOS and Android apps and led to the discovery of over 21,000 open Elasticsearch servers with unprotected data connected to apps frequently found on enterprise devices.
“The HospitalGown threat is both real for enterprises and significant,” said Ed Amoroso, CEO of TAG Cyber. “It underscores the need for the in depth and innovative mobile threat defense solution that Appthority provides.”
- Affected apps are connecting to unsecured data stores on popular enterprise services, such as Elasticsearch and MySQL, which are leaking large amounts of sensitive data
- Apps using just one of these services revealed almost 43TB of exposed data
- Multiple affected apps leaked some form of PII, including passwords, location, travel and payment details, corporate profile data (including employees’ VPN PINs, emails, phone numbers), and retail customer data
- In multiple cases, data has already been accessed by unauthorized individuals and ransomed
- Even apps that have been removed from devices and the app stores still pose an exposure risk due to the sensitive data that remains stored on unsecured servers
The necessary steps to secure your environment for all of the components that are involved in a z Systems cloud infrastructure that uses IBM z/VM and Linux on z Systems.
Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.
How to create a profitable, sustainable business developing and marketing mobile apps.