It has been revealed that Apple’s mobile app store has suffered its first major security breech, after hackers convinced legitimate developers to use a tainted version of its XCode development software.
Below, industry experts tell CBR what they think about the hack, and the implications for Apple at its developers.
1. David Emm, senior security researcher at Kaspersky Lab
"While the majority of mobile malware targets victims running Android, this incident highlights the fact that iOS isn’t immune to malware.
"Apple’s ‘walled garden’ approach does make it harder for cybercriminals to compromise apps, but if something does slip through the net, as in this case, there’s no protection available because Apple doesn’t provide third-party developers with the means to develop anti-malware protection for iOS.
2. Piers Wilson, head of product management at Huntsman Security
"The success of the attack on Apple’s App Store was another reminder that not all attacks are new hacking techniques or ultra-sophisticated malware, but often just exploit human nature.
"One of the best ways of addressing threats like this is to monitor employee and system behaviour for any abnormal or suspicious activity that could indicate problems early, before damage is done.
"For example, as in the case of the attack on the App Store, being able to identify that employee devices were transmitting data in a suspicious way or to unknown or hacker-affiliated systems could provide an early warning to security teams that data leakage (whether caused by rogue/compromised apps or otherwise) was visible.
"Traditional security systems, especially those based on an assumption that the internal environment is in a known and trusted state, simply can’t provide this capability – a new, next-generation approach is needed."
3. Thomas Reed, director of mac offerings at Malwarebytes
"This is easily the largest App Store breach in history. There is little doubt that there will be some revision of the app review process at Apple as a result, but it’s also certain that this incident will erode consumer confidence in the App Store as a (mostly) unassailable malware-free fortress
"Worse, there was really no way to tell that these apps were infected. Perfectly respectable, legitimate apps turned out to be infected. It’s hard for any user to be on guard against this kind of malware."
4. John Smith, principal solutions architect at Veracode
"In recent years it has seemed that the problem of Mobile Malware was bigger for Android than for iOS. The more rigorous testing regime required before an iOS app can be published has always been considered to be the reason for this difference, but in this case it seems to have fallen short.
"One very interesting aspect of this incident is that that the developers of the apps had no knowledge that their own code was being used to carry malware – it was the modified development environment (Xcode) that introduced the payload."
5. Steve Nice, chief technologist at Node4
"Organisations can protect themselves by having a device which filters internet traffic before it reaches the internal network. These devices could be called firewalls, proxys, web filters, IDS or UTMs. They must be updated daily, if not hourly, and will be able to detect and block malicious scripts.
The most important thing that all business should bear in mind is they need to use best practices regardless of the system they use. Businesses need to assume they will be hacked by default. The threat landscape is ever evolving and end users have to be able to trust technology companies."
However, some developers are not so worried about the implications of the hack. Olly Berry, head of iOs at developer Mubaloo, said
"The fact that this is a very isolated incident, affecting a reported 36 apps, shows that it’s not necessarily as big a deal as it’s being reported to be. In this case, the damage that can be done is still relatively limited as the malware can’t read any sensitive data and the issue has been resolved.
"In the grand scheme of Malware, if this is the worst the hackers were able to do, it shows that Apple is actually doing a good job. It will also reinforce that developers should be using the official tools."
The incident comes as President Obama travels to China for meetings, with cyber security high on the agenda.
This article is from the CBROnline archive: some formatting and images may not be present.