Defending Against Nation-State Level Threats on Mobile Devices | JNUC 2023

Explore the intricate world of mobile device security against nation-state level threats, including advanced persistent threats (APTs) and the use of sophisticated malware like Pegasus.

In a thought-provoking JNUC session, Adam Derek and Tal Cella from Jamf discussed the complex subject of defending against nation-state level threats on mobile devices. They began by referencing a high-profile case in which a journalist's mysterious death was linked to the disappearance of his mobile device, which was later found to have been targeted by NSO's Pegasus software. This incident underscored the growing threat posed by sophisticated mobile device malware capable of evading detection and exploiting vulnerabilities.

The session highlighted the extensive market of offensive cyber companies, with an estimated market size between 2 and 20 billion US dollars. This industry is well-funded, showcasing the significant resources behind such advanced threats. The speakers explained that these nation-state level threats, or advanced persistent threats (APTs), often start with zero-day vulnerabilities and evolve into zero-click attacks, which require no user interaction and so remain hidden on devices.

Regarding protection strategies, the presenters emphasized the importance of mobile threat defense (MTD) systems that, while not foolproof against all APTs, provide a significant security layer against common attacks like phishing. They also discussed the effectiveness of manual forensics, albeit with limitations like time, cost, and privacy concerns.

The session concluded by examining Jamf's Executive Threat Protection product, which offers advanced detection and response capabilities, privacy-friendly continuous scanning, and integration with Jamf Threat Labs. This solution represents a proactive approach to mobile security, focusing on system-level analysis and rapid response to potential threats.