Security

08:13 AM
Connect Directly
Facebook
Google+
Twitter
RSS
E-Mail
50%
50%

Mobile Malware Threat Exploding

As workers and customers move to mobile devices and with financial firms launching new mobile capabilities each month, enterprises are becoming move vulnerable to the increasing number of mobile malware threats.

Challenge: The next battlefront in the data security war is mobile, as mobile malware incidents continue to rise. Collaboration is key to success.

Why It's Important: Mobile malware is on the rise, exploding in magnitude in the past six months. In the past year, the number of variants of mobile malware has exploded from several hundred to hundreds of thousands, if not millions. It comes in many forms, such as SMS grabbers that reroute multifactor identification, and it undermines security measures by even the most fortified institutions.

We're all infected with malware; it would be unwise to deny this simple truth. The point of infection has evolved beyond simply clicking a suspicious link. Today simply viewing a webpage, even a trusted bank's home page, is enough to get a footprint on your device. Call it "drive-by malware," if you will. Mobile browsers and applications are no exception.

McAfee has recorded 50,926 mobile malware threats, with 28% of that total arriving in Q1 2013 alone. In all of 2011, McAfee recorded only 792 threats.

Where The Industry Is Now: A mistake any company can make is to put the burden of protection onto the end user, such as asking them to update their browser, or not click on suspicious e-mail links. Malware must be stopped at the enterprise level, and the movement to collaborate on effective solutions is underway.

According to Jens Hinrichsen, VP of marketing and business development at Versafe, a provider of fraud detection solutions, the amount of malware is spiking, but the industry is seeing just the first wave of much more sophisticated malware. "I expect we'll see another wave in 6 to 9 months," Jens says. He adds the malware is similar to what we see on PC and laptops. "It's very surgical at times; they might modify mobile malware to go after a very specific exploit."

[For learn more about all of the topics that will shape the business technology landscape next year, download the November Digital Issue: Capital Markets Industry Outlook 2014.]

Focus In 2014: Corporations have had time to prepare for the increase in attacks, but that hardly makes it manageable. "So much is infected," says Hinrichsen, "that firms are asking, ‘How do we protect the data? How do we separate different parts of the mobile device?' Everyone knows they have to do something, even if it's in preparation."

In response, in 2014 we can expect to see an increased focus on mobile application management and mobile device management, or the ability to delete anything off of a device without interruption to the user. We'll also see corporations making significant investments to fortify their websites.

Industry Leaders: IBM's Trusteer is a global leader in endpoint cybercrime prevention. On many levels, it's architecting security options and helping organizations with policy. Bromium is another provider that uses a technology called microvirtualization to address enterprise security at the endpoint. F5, which acquired Versafe, has a blended strategy to protect Web applications.

Technology: Android, which is a largely flexible platform, is most prone to mobile malware, but other platforms are hardly far behind.

Developers must remember that for attackers, this is their livelihood and they will always follow the money. As the industry cracked down on other types of fraud it will continue to squeeze attackers into the online and mobile world. Specialized and sophisticated malware will continue to pop up as each portal is blocked.

Prediction: There is a big push to collaborate and share threat information. People don't know what they want, and there are different ways to fight the same kind of things. Organizations with enough clout will step up and dictate the needs of industry, encouraging each other to team up and create a best-of-breed solution as part of this ongoing dance with attackers. As the industry has discovered with other forms of security, it becomes more sophisticated when working together, and now that there's an influx of mobile threats it must pool resources for protection. Becca Lipman is Senior Editor for Wall Street & Technology. She writes in-depth news articles with a focus on big data and compliance in the capital markets. She regularly meets with information technology leaders and innovators and writes about cloud computing, datacenters, ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Becca L
50%
50%
Becca L,
User Rank: Author
11/1/2013 | 4:02:55 PM
re: Mobile Malware Threat Exploding
That's what a hear. The Android system is more flexible, making it an easier target, but if we're going by the "follow the money" logic, I'm surprised iOS isn't overwhelmed with malware. Soon...
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
11/1/2013 | 3:49:30 PM
re: Mobile Malware Threat Exploding
Almost all of this malware is on Android, with very little on iOS. In the coming years it will be interesting how that fact affects the mobile market.
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
11/1/2013 | 3:48:52 PM
re: Mobile Malware Threat Exploding
It's also incredibly easy to move the malware that they've already created for online hacking over to the mobile channel. A lot of the same malware attacks are appearing on mobile that we've seen for a long time online.
Becca L
50%
50%
Becca L,
User Rank: Author
10/31/2013 | 3:06:26 PM
re: Mobile Malware Threat Exploding
Too true. It's "annoying" enough to update to a new itunes or operating system. Without a catalyst to update/install, users think; what's the big deal? A CIO, CEO, etc may be more conscious about guarding their information because they're presented with sensitive information daily, a worker farther down the chain may not think twice about updating their phone, providing hackers with an ideal entryway.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Apprentice
10/31/2013 | 2:05:04 PM
re: Mobile Malware Threat Exploding
Yeh, consumers are probably one of the biggest "holes" in the security fabric for financial institutions. To put it nicely, we (consumers) "stink" at following security best practices.
Byurcan
50%
50%
Byurcan,
User Rank: Author
10/31/2013 | 12:31:35 PM
re: Mobile Malware Threat Exploding
It's been said often that fraudsters create new malware almost instantly for every new technology that comes out. While I agree that company's can't put the entire burden protection on the end user, they are responsible too. Consumers love the convenience of mobile but don't want to go through the necessary security measures much of the time.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - July 2014
In addition to regular audits, the SEC will start to scrutinize the cyber-security preparedness of market participants.
Video