14 DAY TRIAL // The annual World Economic Forum (WEF) is about to start between January 20 and 23, 2016, in Davos, Switzerland, and Kaspersky, one of the world's biggest cyber-security vendors, is warning against cyberattacks that may be carried out against its participants.
The World Economic Forum gathers each year some of the world's biggest political and business leaders, all in the area of a few square kilometers.
While this may be the perfect method of discussing and advancing sensitive world economic topics and various agendas, for infosec professionals, this is a nightmare scenario. Kaspersky security experts expect APT groups to intensify their efforts and attempt to hack into the computers and mobile devices of high-ranking officials from various countries and companies, gathered all on the same WiFi network, either at their hotels or the conferences.
While laptops have the benefit of years of development in desktop-based security products, mobile users don't have this advantage. Mobile security products are still lagging behind their desktop counterparts, and WEF participants should be very wary of where and what they connect to while in Davos.
APT groups have targeted mobile devices in the past
In recent years, five of the most sophisticated cyber-espionage campaigns have included malware products capable of breaking and spying on mobile devices.
This means that APT groups are well aware of the treasure trove of information they can extract from mobile devices and the multitude of security vulnerabilities that are rarely addressed by the devices' owners.
With such a fragmented mobile OS ecosystem in terms of versions and manufacturers, companies like the Hacking Team, Zerodium, and Gamma International have found a niche selling spyware tools that also include offensive mobile hacking capabilities.
Kaspersky researchers recommend that anyone attending high-profile conferences like the World Economic Forum should always use VPN connections to surf the Web, charge mobile devices right from the socket, not from the laptop, and use passwords instead of PINs to protect devices.
Additionally, users should avoid jailbreaking devices, never buy second-hand phones, and enable data encryption if the device has this feature.
Of course, this type of advice can also be followed by regular users, not only high-ranking officials and journalists. The security of your mobile device should always be considered, regardless of your job and the data you keep stored on the handset.