Cybercrime Goes Mobile

According to Symantec’s  2012 Norton Cybercrime Report [PDF file], cybercriminals are increasingly targeting mobile devices. Thirty-five percent of adults have lost their mobile device or had it stolen, and 31 percent of mobile users say they’ve received a text message from someone they don’t know requesting that they click on an embedded link or dial an unknown number to retrieve a “voicemail.”

At the same time, the report states, mobile vulnerabilities doubled from 2010 to 2011. “Cybercriminals are changing their tactics to target fast growing mobile platforms and social networks where consumers are less aware of security risks,” Norton Internet Safety Advocate Marian Merritt said in a statement.

Mobile Security Policies

For nCircle’s 2012 Bring Your Own Device (BYOD) Security Trend Survey, the company surveyed more than 547 people in the IT security industry. According to the respondents, companies are gradually increasing their adoption of mobile device security policies. Seventy-one percent said their organization has a mobile device security policy, up from 58 percent in 2010.

“The surge in BYOD has IT department scrambling to make sure their networks can accommodate these devices securely,” says nCircle director of security research and development Lamar Bailey. “IT departments are buckling down and deciding on policies that determine how these devices can be managed with an acceptable level of risk.”

Mobile Apps under Attack

Arxan Technologies’ report, State of Security in the App Economy: Mobile Apps Under Attack, states that more than 90 percent of the top 100 paid mobile apps have been hacked, including 92 percent of the top paid iOS apps, and 100 percent of the top paid Android apps. Similarly, 40 percent of popular free iOS apps and 80 percent of popular free Android apps were found to have been hacked.

The types of hacks uncovered by Arxan included disabled or circumvented security, unlocked or modified features, free pirated copies, ad-removed versions, source code/IP theft, and illegal malware-infested versions.

MobileAppAttack

“The integrity of mobile apps can be easily compromised through new tampering/reverse-engineering attack vectors,” Arxan vice president Jukka Alanen said in a statement. “The traditional approaches to application security such as secure software development practices and vulnerability scanning cannot address the new hacking patterns that we identified. The findings call for new approaches for mobile app owners to build protections directly inside their apps to withstand these new attacks.”

Top 10 Android Malware Threats

According to Bitdefender’s H1 2012 E-Threat Landscape Report [PDF file], the Trojan Android.Trojan.FakeDoc.A led with 21.83 percent of all mobile malware infections worldwide in the first half of 2012. “Before installation, the app requires access to the user’s Gmail account so it can covertly broadcast location, e-mails and carrier ID to an attacker-controlled server every four hours,” Bitdefender senior e-threat analyst Bogdan Botezatu wrote in the report.

Looking ahead, Botezatu wrote, “The popular Android platform will come under heavy fire in the next six months, as its open application distribution model facilitates the delivery of malware through repackaged applications, especially in areas where an official Play Store is not available, such as China.”

Risky Mobile App Marketplaces

According to TrustGo’s Summer Mobile Mayhem Report 2012, a study of 1.7 million apps found on 175 marketplaces across the globe from June to August of 2012 found that more than one in six mobile apps offered worldwide contain high-risk code that can compromise user security. Europe’s Aproov market is the safest marketplace in the world, according to the report, while Google Play is the fifth safest marketplace, with more than 90 malicious apps offered.

At the other end of the spectrum, China’s Anzhi marketplace is the riskiest marketplace worldwide. “Many Chinese users can’t access the Google Play marketplace, so a large number of third party stores have popped up to fill the void,” TrustGo founder and CEO Xuyang Li said in a statement. “Unfortunately, this has made China’s marketplaces especially insecure because many download sites haven’t set up controls necessary to keep bad apps off their platforms.”

Cybercrime Goes Social

According to Symantec’s  2012 Norton Cybercrime Report [PDF file], cybercriminals are focusing on new targets, including social networks, with 39 percent of social network users falling victim to social cybercrime. While 75 percent of social network users are aware that cybercriminals are targeting social networks, only 44 percent use a security solution that protects them from social network threats and only 49 percent use social network privacy settings to control what information they share and with whom.

On-premise vs. Cloud Security

According to Alert Logic’s Fall 2012 State of Cloud Security Report, which is based on operational data from more than 1,600 business customers with IT infrastructure in both on-premise and service provider and cloud environments, on-premise infrastructure is actually more likely to be attacked than cloud-based infrastructure.

“Businesses with on-premise IT environments consistently experienced more frequent attacks across a more diverse set of threats, compared to businesses with cloud-based IT infrastructure. … While roughly half of all customers – whether service provider or on-premise – were likely to have experienced a Web application attack, the average number of such attackers was 61.4 among on-premise customers,” the report states. “For service provider customers, it was 27.8.”

Jeff Goldman is a freelance journalist based in Los Angeles. He can be reached at jeff@jeffgoldman.com.