Porn 'responsible' for mobile malware
2013-02-13 09:50
Cape Town - A security survey has found that pornography is primarily responsible for malware on mobile devices.
According to a Blue Coat Systems investigation, porn sites present threefold increase in the risk of malicious software on mobile devices.
The report said that the companies would have to invest in security for mobile devices, particularly as BYOD (Bring Your Own Device) movement rises in the enterprise environment.
"Extending security to mobile devices will be essential for businesses that need to protect their assets as well as their employees. Cybercriminals see the value in these targets as businesses continue to adopt BYOD initiatives, and businesses need to be prepared in 2013," said the report.
According to the report, mobile threats have not been able to break operating system security, but scams are focused on stealing money in the form of premium texting and personal information.
Pattern
Some estimate that identity theft is big business with over $50bn in financial losses from around 7% of US citizens each year.
Traditional hacking scams rely on user behaviour to infect a device and criminals have shifted their focus to corporates for financial reward.
"Cybercriminals have switched from home users to corporates and in the last 15 months, maybe a year and a half, they are more interested in attacks on corporates and small and medium companies," Sergey Novikov, head of Kaspersky Lab Global Research and Analysis Team told News24 recently.
The Blue Coat Systems report shows that cyber criminals are following a similar pattern with mobile devices as they did with computers.
"The most successful mobile malware tactics, including scams, spam and phishing, are classics that dominated the threat landscape when malware first moved to the web. These device-agnostic, easy-to-deploy attacks provide a natural crossover point for cybercriminals that are interested in launching attacks against mobile devices," said the report.
A key vulnerability that could facilitate mobile attacks is that operating systems for many mobile devices are not routinely updates.
According to a Trustwave Global Security report, Android users are most vulnerable to cyber attacks because of older operating systems.
Warrantee
"All major vendors routinely issue OS updates, but device manufacturers are often not motivated to roll out those updates to users. This leaves users vulnerable to exploits that may have patches - but those patches are useful only if the OS is up to date," the report found.
While Android users can root their devices to update the operating system, it often voids the device warrantee.
Manufacturers' reluctance to rollout OS updates leaves the overall majority of Android users with outdated software.
"This issue is most prevalent with Android; device carriers are reluctant to make new versions of the OS available to users of older devices. Some estimates indicate that at least 90% of Android owners are vulnerable to known flaws because they can't update their OS," the report said.
- Follow Duncan on Twitter
