As the new mobile game Pokémon GO quickly became a global blockbuster, entire countries have denounced the game — or even banned it. Some people have even speculated the game was a government surveillance ploy. Conspiracy theories aside, pokemon GO does pose security concerns for your organization. What do you know about the threats?
Wild Rise to Popularity
Within four days of its wide release in early July, Pokémon GO became the top free app in the US Apple App Store. The number of players worldwide quickly surpassed the daily number of active Twitter users.
Pokémon are fictional creatures that players capture in the “real world: with their IOS and Android devices and the help of augmented reality, location-based technology and device cameras.
Real-world locations are where players restock on digital game goodies and get their creatures to battle other Pokémon. Encouraged by incentives to roam around the physical world, gamers have been flooding various locations — raising organizations’ concerns about security and impacts on operations.
The game’s wild success has led to some Android smartphone users downloading it from third-party websites. Security experts found that some of those downloads were fraudulent copies containing malware to enable access to device features including contacts and cameras.
The malware, available on the dark web for around $200, also allows hackers to install and run apps without users’ knowledge — essentially turning the phone into an advanced persistent threat. With BYOD a prevalent trend, this raises the risk of an employee’s infected phone connecting to an organization’s WiFi — or a visitor’s connecting to the public WiFi — giving cyber criminals access to network assets and information.
Data Protection Steps
Hackers are always searching for new exploitation opportunities, whether it’s a new popular app or another way to breach your network. Steps to thwart them include:
- Expanding visibility: Look beyond just the security of your internal network to considers external risk factors from BYOD, the Internet of Things and cloud.
- Taking inventory: With the average enterprise using hundreds of cloud apps — many not sanctioned by IT — it’s critical to take inventory of where all your critical and sensitive data is located and who can access it.
- Simplifying: Instead of introducing yet another point security solution that may never get completely deployed, simplify your security environment by deploying technologies that can interoperate and be managed in a centralized way.
- Using threat intelligence: Detecting bad traffic or blocking malware is not enough — you need actionable threat intelligence and the ability to share it and orchestrate action in real time.
Pokémon GO may be a fad, but the need for cybersecurity is constant. Partner with an expert and choose an approach that enables your cybersecurity infrastructure to evolve with growth — and the next big threat to take the world by storm.
A partner of Fortinet, Platte River Networks is an award-winning, managed security services provider that can protect you from threats by simplifying complex network challenges to optimize security effectiveness and performance. Contact us to learn more about consolidating network security on Fortinet’s new security fabric.