V3.co.uk

Firms and governments face mobile security nightmare as 23,000 new threats emerge

Kaspersky Lab calls for governments to team up in anti-hacker fight

Google Android Malware
0 Comments

Businesses and governments need to update their security strategies if they hope to protect themselves from rising tide of mobile threats, pegged at 23,000 for the year so far, according to Kaspersky Lab.

The Russian security firm released its Q1 2013 threat report on Tuesday, confirming it detected 22,750 versions of evolved mobile malware during the period. The figure means hackers have already created more than half the number of mobile malware that they did in the whole of 2012. Kaspersky said the number could continue to increase as virus writers keep taking advantage of security flaws in Android.

Kaspersky researcher David Emm told V3 the influx of new malwares proves governments and businesses current defence strategies are not adequate, on Wednesday.

"At a societal level, there are a number of factors that can help combat the increase in mobile malware. This includes the development of a legislative framework to deal with cyber criminals (in the UK we have well-developed legislation, but that's not true of all regions of the world), cross-border co-operation of law enforcement agencies, and market regulation (e.g. it's harder to set up an affiliate network that will allow successful monetisation of SMS-Trojans in the UK compared to Russia, China and other areas)," he said.

"In regards to businesses, organisations need to ensure they include mobile devices in their security strategy and deploy appropriate technology. This includes anti-malware, whitelisting, encryption, centralised policy management and containerisation of personal and business data (a result of the BYOD trend). It's also not just the threat of malware on the device, but the network itself, as shown by the discovery of 'Red October' - a targeted attack that specifically harvested data from devices connected to the network of victim organisations."

The report said: "Our data shows that in 2012 Android became the number-one target among virus writers, and that the number of threats over the course of the year grew steadily. Has this upswing in the number of mobile threats continued in 2013 so far? Indeed it has [...] A total of 99.9 percent of new mobile threat detections target the Android platform.

"January is traditionally a quiet month for mobile virus writers - ‘only' 1,262 new modifications appeared in the first month of the year. But over the past few months, Kaspersky Lab has detected over 20,000 new mobile malware modifications. In February, we detected 12,044 mobile malware modifications, and another 9,443 in March. To compare - a total of 40,059 modifications of malicious programs targeting mobile devices were detected over the whole of 2012."

Kaspersky said SMS Trojans that steal money from victims by forcing infected devices to text premium-rate numbers owned by the hackers remain the most used attack tool, accounting for 63.6 percent of all detected mobile threats.

Looking to the future Emm predicted the number will continue to increase as businesses reliance on mobile devices grows.

"The huge growth in mobile malware is a result of a number of different factors. Firstly, the huge numbers of smartphones being used. Secondly, the variety of ‘interesting' data now stored on these devices, such as: contacts, photographs, SMS messages, banking credentials and social networking logins," he said.

"Finally, the growing use of mobile devices in business and the lack of awareness from organisations around mobile threats. In a survey we commissioned last year, only 55 per cent of businesses considered mobile devices in the workplace a serious threat. The growth of mobile malware is only going to continue as people increasingly conduct business and sensitive transactions via mobile devices.

"Cybercriminals follow the money and as mobile banking and shopping continue to increase in popularity, so will the threats targeting these devices. However, it's not just financial data that's a key target, but also lots of personal data that can be harvested and used to frame targeted attacks."

Kaspersky is one of many firms to detect a marked increase in mobile malware targeting smartphone owners. Finnish security firm F-Secure said the number of mobile malware variants targeting smartphone and tablet users has risen by 49 percent since 2012 in its Q1 2013 Threat Report.

V3 Latest