Hackers find their killer apps for smartphones

Mobile malware reached a new level of maturity in 2011, with threats targeting smartphones and tablets beginning to pose meaningful challenges to users, enterprises and service providers.
 
Juniper Networks' Mobile Threat Center (MTC) said in a new report that the boom in mobile devices and applications, both for businesses and of consumers, is also benefiting hackers. Global mobile handset shipments last year reached 1.6 billion and tablet shipments reached 66.9 million. The MTC examined 793,631 apps and vulnerabilities across every major mobile device operating system.
 
The "Mobile Threats" report shows that there are more attacks with ever smarter malware, largely due to the ease of unleashing them.
 
First, there is more mobile malware than ever before. There was a record number of mobile malware attacks last year, particularly on the Google Android platform. In the last seven months of 2011 alone, the number of malware targeting the Android platform increased by more than 34 times. The combination of Google Android's dominant market share and lack of control over the apps appearing in the various Android app stores created a perfect storm, giving malware developers the means and incentive to focus on the platform.
 
Market share of smartphone subs. Source: comScoreResearch into Apple iOS security remains limited given the closed nature of its platform. But in 2011, security researchers were successful in getting an unapproved app onto the Apple App Store.
 
Overall, from 2010 to 2011, the MTC identified a 155% increase in mobile malware across all mobile device platforms. Last year, spyware and SMS Trojans comprised the vast majority of malware targeting mobile devices at 63% and 36%, respectively.
A new attack method dubbed "Fake Installers" was the fastest growing type of malware found in 2011. Fake Installers trick victims into unknowingly paying for pirated versions of popular apps that are normally free.
 
In addition, consumers and enterprises remain susceptible to a very low-tech risk - lost or stolen mobile devices. Nearly one in five users of Junos Pulse Mobile Security Suite required a locate command to identify the whereabouts of a mobile device.
 
Second, mobile malware has gotten smarter. Cybercriminals continue to hone their craft by finding new ways to exploit vulnerabilities and human behavior for profit across all mobile platforms and devices. In addition, the growing focus on security among researchers demonstrates the maturation of mobile security as an issue of concern for the business community as a whole.
 
Finally, the barrier to entry is low. Mobile users are downloading applications more than ever before and these are turning out to be the "killer apps" for hackers. App stores are fast becoming the prime delivery mechanism for infected applications. As we have seen a boom in the number of application developers, we have also seen a flood in the number of attackers.
 
"It is vital that consumers and businesses take the necessary security precautions when using mobile devices," said Sanjay Beri, VP and GM of Juniper's Junos Pulse business unit.
 
"Securing mobile devices requires a combination of safeguarding connections from interception, securing data in transit from prying eyes or theft, protecting against fast-propagating malware, possessing the tools to manage devices and apps, and securing the data, usernames and passwords on them in the event that they are lost or stolen," Beri said.
 
Cumulative Android malware increase. Source: comScoreJuniper recommends individuals to take steps such as installing on-device anti-malware solutions and a personal firewall, and using strong passwords that expire. Individuals should be cautious about downloading apps and use anti-spam software. They should also install remote locate, track, lock, wipe, backup and restore software to retrieve, protect or restore a lost or stolen mobile device and the personal data on that device.
 
For enterprises, government agencies and small-and-medium-sized businesses, they should use an SSL VPN client and a solution that integrates with network-based technologies to determine appropriate access rights based on user identity and device security posture. They should also support all major mobile platforms as well as use on-device anti-malware, host checking, and firewall. They should also use centralized remote locate, track, lock, wipe, backup and restore facilities.
 
Juniper said organizations need to implement centralized administration to enforce and report on security policies as well as device monitoring and control.

They should also allow management capabilities to enforce security policies, and enable an administrator to monitor device activity for data leakage and/or inappropriate use.