Mobile Malware
– Kevin McNamee, Director, Alcatel-Lucent Kindsight Security Labs, says:
If 2013 trends are a predictor of what’s to come in 2014, mobile users need to pay particular attention to device security. Growth in smartphone adoption and LTE subscribers provides the means for cyber criminals to target you with their mobile malware.
In the Asia Pacific region, where a surging number of mobile devices are being supported by faster LTE networks carrying substantially more traffic, consumers are vulnerable to malicious malware attacks targeting information residing on their smartphones, tablets and tethered PCs. Additionally, mobile devices owned by the region’s corporate employees can be compromised for cyber espionage. From a remote web-based command centre an attacker can track the phone’s location, download contact lists and personal information, intercept and send message, record conversations and take pictures.
Based on the 20% mobile malware infection increase seen in 2013, Alcatel-Lucent’s Kindsight Security Labs conservatively estimates almost 12 million global devices were infected at any one time. While the average mobile malware rate for 2013 was .06%, its growth shows no signs of slowing. And although home device infection rates are much higher at 10%, it has leveled off and today we see botnets previously reserved for anonymous web browsing activities on home devices making the jump to mobile.
LTE devices are two times more likely to be infected by malware because their owners tend to spend more time browsing the Internet and accessing data. On average, an LTE user will consume twice as much data, including 50% more video, than 3G users. Meanwhile, Android devices are the favorite target of cybercriminals, accounting for 60% of network infections, which most often come from un-policed third party app stores. Window’s laptops accounted for 40% of infections: when tethered to a phone or connected directly through a mobile USB port. Mobile spyware ranked as one of the fastest growing threats to the Bring Your Own Device trend in workplaces. As this video demonstrates, it is easy for a hacker to inject spyware into an application to take control of one’s smartphone or tablet.
Despite this, few people install or keep current anti-virus software on their devices. And even when they do, a malicious app can easily evade detection by device based anti-virus as it continually evolves and becomes more sophisticated. As a result, service providers are increasingly offering a more reliable solution — network based anti-virus — to subscribers as a freemium or value added service. When an operator spots malicious or unusual device and network activity on a subscriber device, it immediately sends an alert to the subscriber via email, SMS, push notification or in browser notification to inform them of the threat and to provide instructions on how to remove it.
The exponential growth in smartphone and data usage across the globe will continue to be a catalyst for malware as the increasingly scale in which cyber criminals can have infection success is too irresistible. Smart operators are looking out for health and security of subscriber devices. Preventing information from being stolen or data plans from becoming high jacked and resulting in subscriber bill shock creates customer loyalty and reduces incoming calls into the telco service desk.