In an exclusive interview with Norton Mobile Security‘s director Anil Sharma, Krishna Bahirwani finds out the specifics.
How concerned should an average mobile user be about using an unsecured smartphone?
We live in a mobile-centric world, a fact that has not gone unnoticed by cybercriminals. They continue to step up both the ferocity and the sophistication of their attacks as more and more people spend their time and money on these devices.
With mobile, users have an ‘always on’ attitude as they are always connected to the internet, and it provides a massive target for malicious actors and threat vectors. Because people use their phones for both business and personal purposes, it opens up additional opportunities for attackers to deploy social engineering and other hacking techniques to try and infiltrate malware onto the devices.
Besides malware, people are also connecting to public networks when they are at home or travelling, logging into public Wi-Fi at coffee shops at airports. These actions offer attackers new ways to steal data by duping unsuspecting users with man-in-the-middle techniques. Hence, it is extremely important for users to be concerned about the security of their mobile devices.
Tell us about some of the most sophisticated mobile malware you have seen in the recent past and how you see the threats evolving in the time to come.
According to Symantec’s Internet Security Threat Report, the mobile threat landscape continued to grow in 2017. New mobile malware variants increased by 54 per cent, and an average of 24,000 malicious mobile applications were blocked.
India has seen a 60% increase in the infected mobile devices count since last year, making it one of the most targeted countries in the world. Malware attacks are the most popular, followed by threats from vulnerable Wi-Fi access points, and malicious sites. Most malware comes in the form of mobile apps in disguise of streaming apps, gaming apps, fake banking apps, fake social media apps and porn apps. Once the apps receive the required permissions they take control over a device. Thousands of devices are getting attacked every day and what is interesting is that the attacks take place during early mornings and late evenings by taking advantage of lack of attention from mobile device owners.
Some of the top mobile threats seen in the recent past are:
• MalDownloader – a wide variety of individual but unclassified threats
• Malapp – many individual but varied threats on Android devices that share similar characteristics
• FakeInst – hijacks SMS service on a device
• SmsBlocker – tries to gain root access and steals information from Android devices
• Premiumtext – sends SMS texts to premium-rate numbers
• Opfake – sends SMS texts to premium-rate numbers
• Fakeapp – that downloads configuration files to display advertisements and collects information from the compromised device
• Smsstealer – steals information from the compromised device
• Simplocker – encrypt files on the compromised device. It then asks the user to pay to decrypt these files.
• Mobilespy – steals information from Android devices
Last year’s predications by Symantec highlighted how IoT will continue to be plagued by poor security, with default passwords and unpatched vulnerabilities. IoT attackers have already started looking beyond routers and have begun to target other connected devices in a serious way.
What does the overall threat landscape for Android look like at the moment?
According to Symantec’s Internet Security Threat Report, there has been a continued increase in malicious activity related to mobile devices, driven by cyber criminals using tried and trusted methods to monetize attacks. While threats are on the rise, the problem is exacerbated by the continued use of older operating systems The Android operating system remains the focus for mobile threats, given that only 20 percent of devices are running the newest major version. Having said that, security improvements in Android’s architecture are making it increasingly difficult to infect mobile phones or to capitalize on successful infections. Mobile users also face privacy risks from grayware, apps that aren’t completely malicious but can be troublesome. Symantec found that 63 per cent of grayware apps leak the device’s phone number. With grayware increasing by 20 per cent in 2017, this isn’t a problem that’s going away soon.
What is the most dangerous form of malware out there for Android smartphone users, both enterprise and personal?
As we store more sensitive information on our mobile devices, maintaining the security of that data becomes more crucial. From personal photos and addresses to credit card information and phone numbers, hackers who gain access to our phones have more personal information available to them now than ever before.
Mobile attacks on android devices can be classified as app attacks, malware related attacks, and communication-based attacks, such as those on Wi-Fi or Bluetooth. Norton research suggests that over ten thousand devices are getting attacked every day and 39 percent of the malware attacks belong to varied type of threats that have a financial motive.
Infact, one of the biggest cyber security trends of 2018 is cryptojacking, where cyber criminals surreptitiously run coinminers on victims’ devices without their knowledge and use their Central Processing Unit (CPU) power to mine cryptocurrencies. Cryptojacking surged in the last quarter of 2017, with its growth in popularity coinciding with a surge in the value of cryptocurrencies, including Monero, which is mainly mined by CPU miners.
The primary effects of cryptojacking include: device slowdown, overheating batteries, increased energy consumption, devices becoming unusable, and reduction in productivity. Cryptojacking in the cloud could also cause additional costs for businesses that are billed based on CPU usage. While coin mining is not illegal, the main problem arises when people aren’t aware their devices are being used to mine cryptocurrency, or if cyber criminals surreptitiously install coinminers on victims’ device or Internet of Things (IoT) devices without their knowledge. We expect this problem to only increase in the coming months.
What does the outlook for iOS look like? Is the associated safety much higher or is that only because the prevalent threats aren’t well known?
Apple devices have experienced a surge in popularity in India in recent years. This increase in usage has not gone unnoticed by attackers. A rising number of threat actors have begun developing malware designed to infect devices running on Mac OS X or iOS.
Infact this year, during the RSA conference, Symantec discovered an iOS vulnerability, called iOS Trustjacking. This vulnerability exploits an iOS feature called iTunes Wi-Fi sync, which allows a user to manage their iOS device without physically connecting it to their computer. A single tap by the iOS device owner when the two are connected to the same network allows an attacker to gain permanent control over the device.
Apple users should not be complacent about security. Users need to take precautions in order to prevent their devices from being compromised.
Are we going to see mobile security apps become a permanent part of our smartphone experience going forward?
Ans. Yes, in the mobile world, users need innovative solutions for privacy protection, detect unsecure Wi-Fi, enhanced anti-theft features and critical web protection.