The recent WhatsApp breach was very sophisticated and clever in the manner it was delivered. And that should be expected considering who was reported as being behind the zero-day attack against the popular messaging application.
But the attack against the WhatsApp app is not just a concern for its millions of global customers. There’s a very real and imminent threat to businesses.
Okay, so let’s assume one of your employees has WhatsApp installed on their device and it is subsequently compromised via the latest WhatsApp exploit. In many situations, this employee will, at some point, connect their device to your corporate network.
In most cases, organisations can’t prevent personal phones from being compromised — particularly when outside the network perimeter. They can, however, protect the network from exploits delivered via the compromised phone.
SonicWall, a leader in this cyber security space explains 4 ways that this can be secured:
Via VPN. If an employee connects to the corporate server over VPN, SonicWall, for example, would be the endpoint where they establish the VPN Threat prevention (e.g., firewalls, Capture ATP) and access control (e.g., Secure Mobile Access) would prevent the WhatsApp breach from spreading any further than the compromised phone.
Via Wi-Fi. In this scenario, next-generation firewalls and secure wireless access points should be in place to inspect all internal traffic and prevent the exploit from going further than the phone.
Via compromised credentials. Because the WhatsApp exploit enabled attackers to steal credentials to cloud services and apps, organisations with Cloud Access Security Broker (CASB) solutions, like SonicWall Cloud App Security, would mitigate account takeovers (ATO), unauthorized access and any related data leakage.
Via USB port. Users often forget that a powered USB port on their laptop is an entry point for attackers — even when doing something as innocent as charging a phone. A sound endpoint protection solution, such as Capture Client, would monitor the connection to the laptop and inspect any malicious activity attempting to leverage the USB port to deliver malware payloads.
Protect your data, privacy and reputation, talk to a TCT sales team member today.
Follow us on LinkedIn: