Mobile Threat Catalogue

Exploitation of Cloud Backups

Threat Category: Mobile OS & Vendor Infrastructure

ID: ECO-2

Threat Description: If an attacker is able to compromise cloud backups, they could gain unauthorized access to private and potentially sensitive data.

Threat Origin

Mobile Security: Threats and Countermeasures [1]

Exploit Examples

Q4 Mobile Security and Risk Review [2]

CVE Examples

Not Applicable

Possible Countermeasures

Enterprise

To prevent sensitive app data from being unknowingly backed up to unauthorized or insecure cloud services, analyze app data storage practices as part of the app vetting process before authorizing apps for use.

To protect the confidentiality of app data backed up to a cloud service, prefer FedRAMP-certified cloud service providers to gain assurance that app data backed up to the cloud is strongly encrypted.

To prevent an attacker from gaining access to app data backups via the cloud service account, enable two-factor or other strong authentication mechanisms.

To protect the confidentiality of app data backed up to a cloud service, deploy MAM or MDM solutions in combination with devices that successfully enforce a policy to strongly encrypt app data backed up or synchronized to authorized cloud services.

To prevent sensitive app data from being backed up to an untrusted cloud service, deploy MAM or MDM solutions in combination with devices that successfully enforce a policy that prohibits app data from being synchronized or backed up to any cloud services.

Mobile Device User

To prevent an attacker from gaining access to app data backups via the cloud service account, enable two-factor or other strong authentication mechanisms.

References

  1. Mobile Security: Threats and Countermeasures, white paper, MobileIron; www.mobileiron.com/sites/default/files/security/Mobile-Security-Threats-and-Countermeasures-WP-MKT-6361-V1.pdf [accessed 8/25/2016] 

  2. Q4 Mobile Security and Risk Review, white paper, MobileIron; https://www.mobileiron.com/sites/default/files/qsreports/files/security-report-Q415-v1.2-EN.pdf [accessed 8/25/2016]