BYOD: Jailbreak Jammers Pose Significant Threat to Corporate Networks

These apps prevent detection when a device has been jailbroken, allowing users to access company resources.

Marble Security Labs has issued an alert that highlights a new and dangerous threat to large and small businesses alike. It’s called a Jailbreak Jammer, and, left unchecked, it can seriously compromise network security.

Jailbreak Jammer apps camouflage the fact that a mobile device has been jailbroken or rooted.

Jailbreaking and rooting are processes that allow mobile users to load applications and use services — such as a jammer app — that have not been vetted and approved for delivery through traditional channels (i.e., a sanctioned app store).

One of the problems with jailbreaking is that it compromises any mobile security that has been put into place to protect mobile devices and the networks they connect to. That’s why most mobile device management (MDM) products prevent jailbroken iPhones, iPads and Android smartphones and tablets from connecting to a network.

That’s also why jammers pose such a huge security risk, especially to “those allowing BYOD, because experience shows us that even just one compromised device can eventually lead to a massive breach,” says chairman of the Anti-Phishing Working Group (APWG) David Jevans, who is also Marble Security’s founder and CTO.

BizTech asked Jevans to elaborate on the dangers of Jailbreak Jammers.

BIZTECH: What does a Jailbreak Jammer do?

JEVANS: A Jailbreak Jammer is software that can be downloaded to a jailbroken iPhone or iPad or to a rooted Android device to prevent security software, MDM software and apps that have protected content from detecting if the device is jailbroken or rooted.

This class of malicious software evades detection in several ways:

• It can patch the jailbreak- or root-detection algorithms of security and MDM software which reports whether a device is unsecure.

• It can reconfigure operating-system settings and move files around to trick MDM and security software into not detecting unsecured devices.

• It can patch operating-system modules to report false results to MDM and security software regarding the status of the operating system.

BIZTECH: How do jammers enable people to bypass the usual security protocols and access the company network?

JEVANS: Companies know that having a jailbroken or rooted device connected to their internal networks is a huge security violation and risk. There are effectively no security protections on such a device, and it can run backdoors, such as SSH servers, that can allow external parties to gain access to the device and hence to the internal corporate network.

BIZTECH: What percentage of BYOD devices are jailbroken?

JEVANS: About 7.5 percent of iPhones are jailbroken (this number is closer to 25 percent in China) [according to Marble Security research]. There are 300 million active iPhones, and over 22 million are jailbroken and active every month.

BIZTECH: Can Jailbreak Jammers lead to the introduction of malware onto the network? If so, what types of malware?

JEVANS: Jammed [devices] allow users to install and operate apps that can steal passwords, steal access credentials to the internal network, Active Directory, ActiveSync, et cetera. These credentials can allow attackers and those involved in Advanced Persistent Threats to gain access to corporate data and systems.

BIZTECH: Are these jammers only available for jailbroken devices? In other words, is there any chance users could download and install them onto a nonjailbroken mobile device?

JEVANS: You can side load [a jammer] onto an Android device without rooting the device. On iOS you must be jailbroken to install a jammer, although there are some edge cases where you could install an app that had this functionality through hijacked developer accounts.

BIZTECH: Should there be a warning about jailbroken devices, followed by a revocation of BYOD privileges, included in corporate mobile policies?

JEVANS: Yes, policies are a crucial part of any BYOD program. Policies should be in place so that if a user is found to have a jailbroken or rooted device and is circumventing detection through the use of a Jammer, their BYOD privileges should be revoked.

BIZTECH: What do employees and IT departments need to understand most about Jailbreak Jammers?

JEVANS: Employees may not realize the huge risks that they are exposing their employer to by bringing such devices to work or connecting to enterprise systems with such devices. The malware community is increasing its efforts to target enterprises, and the mobile channel is one effective way. Organizations need to work with security companies who have proactive labs to detect these new threats, both from external attackers and insiders.

About the Author

James Alan Miller

James is a veteran technology journalist with many years’ experience creating and developing magazine and online content. He is passionate about mobile tech, music and running — when the stars align.