There’s a lot of airtime devoted to all the different malicious threats that attack computers, but not as much attention is paid to mobile malware. That is starting to change, however, as mobile malware is becoming a very real problem for many people and businesses. With the rise of mobile-centered efforts like work from home policies and remote work solutions, mobility is assuming a pivotal role in the workplace. However, as is often the case, the proliferation of office mobile tech is outpacing the means of defending it. The lagging nature of mobile security is one of the key factors behind an influx in mobile cyber crime, a surge that threatens to continue growing unless businesses make an effort to curb it.
A changing threat realm
To work toward keeping mobile malware at bay, it is first important to examine how the virtual threat atmosphere has changed and evolved recently, and how the malicious tide has shifted toward mobility. In the past few years, we’ve become accustomed to hearing about a multitude of new cyber threats emerging on a constant basis. Paired with these stories of emerging malicious strains is an inevitable slew of enterprise breaches.
Many of the big corporate breaches to make headlines began with a computer systems-based attack. As a result, computer malware is the type that continues to command the most attention. But it’s hardly the only threat, as mobile strains lurk on the horizon. The volume of mobile malware has shot up massively in the past few years. As CSO pointed out, mobile users found themselves faced with mobile malware at a rate 75 percent higher in 2014 than the previous year.
“We’ve seen a significant increase in both the frequency and sophistication of [mobile] attacks that would truly represent a concern for the enterprise, like exploits that would let the bad guys get access to corporate networks,” mobile security expert Aaron Cockerill told CSO. “We also saw a greater prevalence and sophistication of applications that enable rooting or jail breaking the device.”
Employee mobility presents a potential access point for malicious actors that wouldn’t exist with computing platforms. For example, when employees work remotely from their smartphones or tablets, that places them in an inherently more vulnerable position than if they were working in the office. Cyber criminals are becoming increasingly adept at targeting and exploiting mobile users, creating and refining mobile malware strains that victims are falling prey to.
Recent mobile malware strains illustrate the growing problem
Back in June 2013, G Data Security Labs released a report showing that a brand new type of Android-based malware was emerging every 22 seconds. And keep in mind that this was 2013, before the major mobile malware surge that happened the following year. Among the vast array of mobile malware strains out there, several strains stood out as being particularly damaging and widespread. Here are some of those strains:
- GingerMaster: Back in 2011, a research team led by Xuxian Jiang, an Associate Professor in the Department of Computer Science at NC State University, uncovered a powerful strain of Android malware. At the time, the malware was particularly concerning in that it seemed to be able to dodge any attempt at detecting it. It accomplished this because its makers were able to repackage the GingerMaster malware into regular apps. What would then happen is that users would download and use the seemingly regular app without any indication that there was a problem. But in reality, GingerMaster was simply doing its malicious work silently, in the background of the mobile device’s operations. As a malicious technique, this kind of silent process is one of the most potentially damaging out there, and GingerMaster was no exception. The malware quickly succeeded in racking up private information – including phone numbers and device IDs – of the devices it infected. It then transmitted this data to a server. In this way, cyber criminals were able to glean privileged information thanks to a malicious process that was, at the time, unique in its ability to dodge detection.
- iBanking trojan: Not surprisingly, malware authors are always working to stay one step ahead of the people trying to bring them down. For this reason, they’re apt to release version after version of a particular malicious strain, refining it with each iteration to make it harder to suppress. It was through this process of malicious development that iBanking emerged as one of the more notable mobile malware strains out there. As Ars Technica pointed out, iBanking in its first appearance was a fairly unsophisticated malware package with a limited range of functions. But cyber criminals spent time developing the iBanking strain, until it became, as Ars Technica calls it, “the Swiss Army knife of Android malware.” Simply put, it was perhaps the most versatile malicious presence at the time. This versatility began at the point of infection. As Ars Technica pointed out, iBanking was able to disguise itself as a variety of different legitimate apps, including social networking, banking and security applications. In this way, it was hard to pin down and easy to download. Once iBanking was present on a device, the real problems began. It had, Ars Technica stated, “the ability to redirect incoming voice calls, covertly capture sounds within range of the device’s microphone, track geolocation, access the file system, and remotely corral the device into sprawling mobile botnets that use either HTTP or SMS to communicate, depending on the current network status of the infected handset.”
Putting a stop to it
A mobile malware strain that infects even a single employee’s connected device has the capacity to do significant damage to the entire organization. This is not a predicament any company wants to find itself in, which is why proactive mobile defense measures are necessary at businesses spanning all industrial sectors. Currently, there’s not enough being done to prevent the spread of mobile malware among individuals and businesses, which is why it’s such a pernicious problem. But enterprises falling victim to mobile intrusions does not have to be an inevitability. By taking the proper steps, businesses can guard their employees and networks. Here are some of the key moves companies should make to keep mobile malware at bay:
- Teach employees the fundamentals of safe browsing: At the company administrative level, it’s imperative to ensure that all employees who will have mobile access are also equipped with the knowledge and skill sets to carry out that work in a safe manner. Otherwise, a single staffer slip-up like the inadvertent downloading of malware can quickly balloon into a company-wide problem. To prevent this from happening, it’s the responsibility of companies to educate their workers about what to be mindful of when doing company work via mobile devices. Some of these lessons include:
  - Not clicking on online advertisements: As the BBC pointed out, online ads aren’t only a source of computer malware, but of mobile malware as well. As the article reported, ad-based malware works the same way it does for computing users: When mobile users click on the malware-laden ad, they unleash a malicious strain on their smartphone or tablet. Employees whose tablets and smartphones are linked up to the business network must be instructed to avoid clicking on any ads that pop up. Otherwise, that’s a sure-fire way to get attacked.
  - Having a passcode: Pretty much all mobile devices give their users the option of entering a passcode each time they want to access the device. While this is a recommended step for all mobile device owners, it’s absolutely vital for individuals whose devices are linked to the company network. Without a passcode, anyone can gain access to a mobile device. This means that an employee tablet without a passcode left at a train station automatically becomes a malicious point of access for a cyber criminal. For employees, having a passcode in place is one of the easiest steps they can take to ensure safer mobile use.
  - No jailbreaking: Jailbreaking is a process wherein an individual intentionally removes manufacturer and carrier restrictions from his or her mobile device. The impetus for this is that jailbreaking opens up the opportunity to download apps that you otherwise wouldn’t be able to get. But this process also significantly threatens device security, which is why no jailbroken tablet or smartphone should be present in a company’s mobile network.
- Don’t trust third-party app stores: Apps have changed the way we live our lives – and the way companies do business. But if an enterprise wants to add a mobile app to, say, improve the customer experience, it must be sure to thoroughly vet the app and ensure it doesn’t contain malware. One of the easiest ways to do this is by following a simple rule: Don’t download apps from third-party stores. “Most malicious software is found in third-party app stores popular in a few countries that are loaded with pirated versions of software or trojanized applications,” PCWorld stated. To avoid this kind of trouble, stick with reputable app stores where malicious programs are less likely to slip through the cracks.
- Implement antivirus software: It’s not enough to just have antivirus software installed on business computers anymore. With the proliferation of mobile device use, businesses need to extend that protection to mobile devices as well. Antivirus solutions play a vital role in keeping mobile malware at bay by providing continuous monitoring for – and detection of – malicious strains. Oftentimes, the malware that does the most damage is the strain that lurks on a system undetected for extended periods of time. Antivirus software significantly reduces the possibility that such a period of malicious latency will occur.
- Promote a mobile security mindset within the office: One problem that contributes to the rise of enterprise malware – both on computers and mobile devices – is a lack of attention paid to mobile issues at the administrative level. Sure, computer and mobile security may not appear to be the most business-forward issues to bring to the weekly company-wide meeting, but failing to give these things the airtime they require will result in a more scattershot – and therefore vulnerable – enterprise defensive strategy. The key for enterprise mobile defense is for the entire business to put on a united front. If there’s one element within a company that’s not as prepared as the rest of the organization, this can threaten the whole security infrastructure. That’s why it’s necessary to ensure that mobile security is given consistent and in-depth attention at the highest levels of the business. Without this, disorganization will ensue.
A look at the mobile threat atmosphere makes one thing clear: The threats we’re facing today aren’t going away anytime soon. As cyber criminals continue to capitalize on the vulnerabilities of mobile devices, the onus falls on businesses to do everything in their power to guard mobility. Otherwise, it becomes just another platform that can be easily attacked.