Mobile invaders

Are my IT systems safe from intruders? It’s a question likely to be on the mind of most GITEX visitors this week.

  • E-Mail
Mobile invaders
By Staff Writer Published  October 9, 2011

Are my IT systems safe from intruders? It’s a question likely to be on the mind of most GITEX visitors this week. Here, GITEX Times takes a look at how the spread of high-powered mobile devices has brought with it new and dangerous threats to the enterprise.

The proliferation of smart, mobile devices in recent years has been unrelenting, and continues to grow. Statistics published by IT market watcher IDC earlier this year showed that global shipments of smartphones will rise to 472 million by the end of this year, from 305 million in 2010. By 2015, IDC predicts, this figure will surge to approximately 982 million – almost one sixth of the world’s population.

As a result of this explosion, these devices have made serious roads into the enterprise, but not without attracting a new breed of information security risks. A separate study, conducted by security software provider Kaspersky Lab, discovered that the number of malicious programs attacking mobile devices more than doubled between August 2009 and December 2010. The Moscow-based firm’s analysis showed that the volume of recognised threats rose 65% during this period, including more than 1,000 new variants from 153 different families of viruses.

“The main reason for significant growth of mobile malware is that today more and more people use smartphones, [which] are almost equal to personal computers,” explains Denis Maslennikov, senior malware analyst at Kaspersky Lab. “We can read emails, play games, surf the internet, communicate in social networks [and] use online banking. [The] popularity of mobile devices was definitely noticed by cybercriminals, and they started creating various malwares for different platforms.”

Kaspersky’s research also discovered significant disparity between the types of devices being targeted by cyber criminals. Those smartphones running on Google’s Android operating system are being targeted more heavily than others, according to Maslennikov. “In 2011, 75% of all discovered malware for smartphones was created for [the] Android platform,” he says. “This is no surprise because Android today is one of the fastest growing platforms.”

Maslennikov claims that Android is also more attractive to malicious programs because it is open source. This means that unlike proprietary platforms, like Microsoft’s Windows and Apple’s iOS, the source code to Google’s Android is available to everyone who so desires it. He argues that the wide distribution of the Android source code had delivered it into to the hands of more cyber criminals, while the presence of ‘unofficial’ application stores has also broadened the threat landscape. “The second reason is that Android is an open platform, and users can install applications not only from official Android Market, but from third party sources also,” he remarks.

It is not only the choice of hardware and accompanying software that determines the risk of each device to the enterprise. A significant part of the threat level is down to the behaviour of the device’s user, according to another expert. “These devices are more often than not, personally owned devices and therefore out of the control of the IT department,” believes Florian Malecki, EMEA senior product marketing manager at SonicWall, a provider of networking security products. “They routinely operate on unregulated 3G and 4G connections and, after that, connect to the corporate network. This is where the threat lies, and hackers are becoming more and more sophisticated at exploiting these vulnerabilities.”

Malecki explains that there are a number of methods by which hackers and cyber criminals can gain access to sensitive corporate data via smartphones. For one, data can be leaked inadvertently over unsecured mobile internet connections, he says. Arguably more of a threat though is the risk of corporate sensitive data being accessed via emails or documents stored on mobile devices, which are then lost or stolen. In addition, while outside of the corporate network users can inadvertently download malware-laden applications from the internet, which when introduced to the corporate network, can not only become a drain on bandwidth, but also pose information security risks.

Malecki believes that so far, organisations have been reluctant to recognise the above problems. “IT departments the world over have been reticent to accept the ubiquity of mobile technology and are slow to innovate to secure their networks,” he claims. “While mobile devices empower employees to engage, connect and innovate, they also represent potential security threats. IT departments need to start defining appropriate policies.”

Tarek Abbas, MEA systems engineering director at Juniper Networks, a provider of networking and security products, agrees. He argues that malware targeted at mobile devices is close to reaching the same sophistication of those that attack wired networks. Despite this, many device users fail to install anti-virus tools on to their handsets. “Mobile application downloads are the greatest risk for malware for smartphones,” Abbas believes. “Also, mobile devices are increasingly susceptible to Wi-Fi attacks, including applications that enable an attacker to easily log into victims’ email and social networking applications.”

However, Abbas claims that organisations in the Middle East are increasingly waking up to the mobile security dilemma, and there are effective defensive measures that they can take. First of all, installing effective anti-virus software is essential. “Security teams also need virus definition updates to be propagated to devices automatically,” he explains. “In addition, mobile devices need capabilities for doing real-time scanning of incoming files and scans of internal memory, memory cards, and the entire device, as well as generating automated alerts if malware is detected.”

He also recommends that organisations implement management capabilities that give them a high-level view of the status of each device being connected to the corporate network, and allow remote access and control by administrators. “This includes capabilities for using GPS to identify the precise location of a missing device. If a device is not retrieved, or an interim device needs to be employed, organisations should be able to restore data to any subsequent device,” Abbas says. “Administrators need capabilities for remotely controlling devices, including initiating backups, locking, and removing sensitive data.”

Bulent Teksov, security strategist for the Middle East at Symantec, a provider of IT security and storage solutions, believes that issues with mobile security are higher in our region. At least part of this is down to an immature knowledge of mobile threats. “[The] Middle East has one of the highest penetrations of mobile devices in the world,” he reckons. “We [have] also witnessed a shift in cybercrime volume targeted towards the region. Against a backdrop of a generally lower understanding of security threats posed by mobile devices globally, the region is at high risk and vulnerable.”

In addition to this regional perspective, Teksov believes that there are a few other ways by which mobile devices can be compromised, and how these security gaps can be plugged. One overlooked threats, he believes, is what Teksov calls ‘social engineering’ attacks. These trick users into downloading malicious software which mimic authentic applications – once installed, they may then steal data or spread to other parts of the network.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code