Mobile is increasingly the channel of choice for consumers and that means that it is also the path down which many businesses are going when it comes to choosing internal devices for staff, whether company provided or an employee’s own (BYOD). Unsurprisingly, this focus on mobile brings with it a new determination from hackers and cyber criminals to gain access to devices, particularly as – in a business context – infecting one device can result in the successful penetration of an entire network.
Increase on mobile malware
Over the last couple of years we have seen a marked rise in the number of attacks aimed at mobiles as hackers recognise the comparative ease of using mobile applications as a way of spreading malware. Research carried out by industry insiders found that 17% of apps in the top 150 apps stores contained malware. Apps provide a much easier way of infecting a device as the attack surface is open and once the app has been released it’s almost impossible to defend against. Many malware infected apps are programmed to prevent themselves being uninstalled, or to reinstall automatically if they are removed manually from a device. This silent, sticky approach has proven so successful in terms of making money that it’s becoming one of the primary forms of attack for cybercriminals.
One particularly telling example is the banking industry, with mobile banking Trojans – once only targeting geographical areas such as Russia and the CIS – now spreading. Software security group Kaspersky Lab reported a 20-x increase in mobile malware modifications for phishing, stealing bankcard information and money from bank accounts in 2013. At the start of 2013 the company identified just 67 banking Trojans and by the end of the year the figure had risen to 1321 unique samples. Last year banking Trojans even started making global news headlines, such as ‘Shifu’ a Japanese Trojan attacking the Japanese financial sector, which less than a month later was spotted in the UK.
Mobile Device Management
Mobile device management is the key to avoiding issues with the new mobile-targeted Trojans. This is essentially the administration of mobile devices, from smart phones to laptops, and covers everything from securing them to monitoring, managing and integrating them into other systems. Mobile device management offers ways to manage apps, monitor security and track usage. Crucially, this includes blocking and/or removal of rogue apps that could bring the malware threat to your door.