Mobile platform to be key security focus for 2012
By SMBWorld Asia Editors | Dec 22, 2011
In a webcast hosted by Trend Micro, Raimund Genes, Trend Micro’s Chief Technology Officer coined 2011 as the “Year of Breaches,” in line with the high profile data breaches in government, commercial, and technology industries.
As we move into 2012, Genes predicts the mobile platform to take center stage—in both attacks, and the development of security measures, given Android’s fast rise in becoming the dominant operating system in 2011 (jumping from a 25% market share in 2010 to a 56% market share in 2011). Given the growth rate of new Android malware samples TrendLabs has received to date, Genes predicts to see more than 100,000 malicious Trojans for Android by December 2012 should the said growth rate continue.
Another security provider, FortiGuard Labs found interesting the disparity between the amount of malware found on the Android operating system compared to that found on iOS, relative to their market share size.
“FortiGuard Labs has found approximately five times the amount of malicious families on the Android OS versus what we’ve found on iOS,” said Axelle Apvrille, senior mobile anti-virus researcher at Fortinet. “We believe that this disparity can be attributed to the way Apple handles iOS application development and distribution. Unlike Android, which makes it fairly easy to place applications for people to download, iOS requires developers to undergo some strict screening from Apple before the application can make it to the Apple Store. That’s not to say that Apple is totally immune from being infiltrated by malware – the Eeki banking worm proves that – but it is a testament to why we’re seeing so little activity on the iOS platform.”
“Unfortunately, we believe Android’s higher market share and open development environment comes with a price; an almost six-fold increase in malware targeting the operating system,” Apvrille continued. “To date, our Labs have seen a 90% increase in Android malware families in 2011 compared to 2010, while malicious iOS families only increased by 25%. Of course, those statistics do not account for infection rates or dangerousness.”
The Top 5 malware families for which FortiGuard Labs have received the most samples in 2011 are:
· Geinimi: Android’s first botnet, which sends a victim's geographic location and controls his/her phone remotely. For example, Geinimi can force the infected phone to call a given phone number.
· Hongtoutou: A Trojan live wallpaper that steals private information such as the victim's subscriber number (IMSI) and automatically visits Websites that the malware directs it to.
· DroidKungFu: Another botnet that has multiple capabilities such as remotely installing other malware, remotely starting specific applications and adding bookmarks.
· JiFake: A fake instant messenger application that sends SMS messages to premium phone numbers
· BaseBridge: A Trojan that sends SMS messages to premium numbers
Mobile threats are in addition to the risks around data breaches characterized by the large acceptance of the Bring Your Own Device (BYOD) trend as well as the proliferation of APTs, or advanced persistent threats, which Genes predicts will be more targeted, and will increasingly threaten SMBs, who have higher risk in intellectual property security.
Knowledge Central Multiple
KMC Solutions (KMCS), an outsourcing and offshoring corporate services provider in the Philippines, picks Dell to help them increase its IT infrastructure and meet increasing demands from clients entering the Philippine market.
It’s becoming increasingly clear: Businesses that don’t embrace consumerization of IT and BYOD are putting themselves at risk for low employee morale. However, before embarking on a large-scale BOYD initiative, you need to understand the implications on corporate IT.