Malware, lost or stolen devices top mobile phone security threats

With the exponential boom of those flocking to obtain the latest smartphone, experts say it’s
only a matter of time before cybercriminals flock there as well. And they say the sophistication of
the mobile
phone security threats
being launched that took decades for malware authors to achieve on the
desktop is now appearing to take mere months on the mobile platform.

There are likely other bigger risks in your enterprise … but I think enterprises should be
wary of smartphones.

Pete Lindstrom, research director, Spire Security

With the right attack, cybercriminals can access corporate data and emails containing that
corporate data via a mobile device, said Toralv Dirro, EMEA security strategist at McAfee Inc.

“Many companies don’t have the technology means and policies for the security of these mobile
devices,” Dirro said. “These are uncharted waters.”

Security companies are quickly claiming that although 2011 has been the year of the mobile
threat, at this rate, 2012 may be crowned with that title. Researchers at security provider M86
Security Inc. say that in 2012, mobile malware will be “one of the most concerning areas for
cybercriminals to exploit.” According to an M86 report, “Threats
Predictions of 2012
” (.pdf), mobile malware in the wild was originally estimated to be more
than 2,500 samples in 2011. However, that number quickly exceeded to more than 7,500 samples.

“Based on what we’ve seen in 2011, this is kind of the year of the Android
malware
,” said Patrik Runald, senior manager of security research at San Diego, Calif.-based
Websense Inc. “It’s a pretty safe prediction that that’s going to continue in 2012.”

Reports from Websense, McAfee, Symantec and other security vendors reflect the same theme:
Smartphones are a rapidly growing target.

Experts say the Google Android open application distribution model makes it a more attractive
target to attackers. With this model, users are allowed to download applications from a variety of
sources. On top of that, “Android is now claiming 500,000 activations every day,” Runald said.
“It’s too good of an opportunity for the bad guys to let go by.”

On the other hand, the other prominent smartphone platform is Apple’s iOS, which is close
source. All applications of iOS are submitted to developers and go through a manual review process
with restrictions based on certain policies. Although this is often seen as a more secure platform
because it prevents users from loading apps from sources other than Apple’s App Store, users can
jailbreak the device.

While it’s still a relatively low percentage of overall malware, the mobile malware danger is
increasing. Through mobile malware, attackers can carry out certain actions without the user’s
knowledge, such as charging the bill of the victim, sending messages to the contact list, or even
giving an attacker remote control over the device.

 “The type of [mobile] malware has changed quite a bit,” Dirro said. “A year ago it was
basically viruses written by kids in the school yard.”

According to McAfee’s recent Threat Report, premium-rate SMS Trojans continue to be attractive
to malware writers. Newer versions of these Trojans, such as the Android/Wapaxy, Android/LoveTrp
and Android/HippoSMS families, often sign up victims to subscriptions services and then “cleverly
deletes all subscription confirmation messages received so  the victim remains unaware of the
activity and the attacker makes more money,” the report said.

Spyware, however, is quickly gaining popularity. With this, attackers have access to and can
collect victims’ phone call history, text messages, location, browser history, contact list, email
and even camera pictures. Android/PJApp sends SMS messages, but it collects this sensitive
information as well. Phone calls can also be recorded and then forwarded to the attacker.
Android/NickiSpy.A and Android/GoldenEagle.A are two examples of spyware that can successfully do
this.

Another application-based threat deals with vulnerable apps, apps that aren’t particularly
malicious, but have software vulnerabilities that can be exploited for malicious reasons. McAfee’s
Dirro added that application-based threats are an “immediate way to make money and they can usually
get away with that money easily.”

Other experts caution that mobile malware hasn’t yet made a big enough problem to warrant an
enterprise’s full attention. Pete Lindstrom, research director at security research firm Spire
Security, explains that it’s “a heck of a lot easier to compromise an app on a laptop” than it is
on a smartphone. Attackers must first get a malicious app or mobile malware on a targeted device
and then figure out a way to bypass security restrictions in the phone’s mobile platform.

“There’s no denying that there’s a legitimate concern that these devices, as they play a bigger
role, are likely to be thought of by malware writers,” Lindstrom said. “There are likely other
bigger risks in your enterprise … but I think enterprises should be wary of smartphones.”

Currently, lost or stolen devices continue to plague enterprises and are their biggest threat,
Lindstrom said.  Fortunately, security technologies can locate and wipe a device if it falls
in the wrong hands.

Websense’s Runald predicts that social engineering and geolocation threats will proliferate.
“There’s going to be a way for the bad guys to use more social engineering techniques,” he
explained. “Geolocation-based services are becoming a big thing, so why not combine that with
something malicious?”

“These are the super early days,” added Runald, predicting that there will be several thousand
instances of mobile malware, more than double, in 2012. “Attackers are still learning how to use
it, how to spread it most effectively and what they can do with it … It’s not nearly as advanced as
it will be.”


Article source: http://searchsecurity.techtarget.com/news/2240112175/Malware-lost-or-stolen-devices-top-mobile-phone-security-threats

View full post on National Cyber Security » Virus/Malware/Worms