Digital Shadows expands visibility into evolving mobile driven risks
Digital Shadows yesterday announced new enhancements to its Search Light digital risk management service helping organizations detect and respond to mobile application threats against their employees and consumers. Search Light now offers identification of malicious and unsanctioned applications in official and third-party application stores. This new capability also identifies impersonated or spoofed mobile applications that could damage organizations’ brands or compromise sensitive information.
The new capability around mobile application protection extends the capabilities of Digital Shadows’ flagship service which monitors the Internet to identify digital risks to organizations, including cyber threats, data leakage, and reputational risks. “Mobile is no longer a niche or isolated part of an organizations’ digital footprint. New devices and applications are the status quo and organizations must be able to identify the digital risks associated with them,” said Alastair Paterson, CEO and co-founder of Digital Shadows.
“But we know that a large percentage of mobile applications will fail basic security tests and this digital risk presents enterprises everywhere with brand protection and data risk threats. In an increasingly mobile-first world, our customers now have the ability to precisely account for evolving threats jeopardizing irreplaceable reputations and information. “
Digital Shadows has been trialing the new service with some key clients and within one week, for just one financial services client, we identified 39 incidents of mobile applications posing a risk to their organization. This included mobile apps with malicious code, impersonation and unauthorized use of the company brand. While many of these came from third party application stores, some were from official stores.
With Digital Shadows’ mobile application monitoring, customers can detect a wide range of threats including: Suspect application behavior and code, such as selfsigned certificates or the presence of malware; versions of application that have been modified by a third party; copies of application on stores that are not actively managed; impersonating or spoof application that mimic brands and affiliate links that mislead or confuse users. Monitoring even extends beyond customer mobile application, to internal company mobile apps.
Last year, the US Federal Trade Commission warned that ‘as more consumers are shopping with mobile apps, fraudsters are following the money. There are fake phone apps popping up that impersonate well-known retailers to steal your personal information. Their names were like wellknown brands, and their descriptions promise enticing deals or features.
Updates to Search Light and Digital Shadows’ capabilities include these enhanced features:
Mobile App Monitoring; Identifies malicious mobile apps and analyzes the application’s code to classify the level and type of threat it poses - including intellectual property infringement, malware delivery and phishing. New Asset Registration of Mobile Apps; Ensures an application is accounted for and actively managed, including companyspecific recommendations.