Blue Coat sounds alarm on escalating mobile malware

04 Nov 15

Blue Coat Systems has sounded the alarm for individuals and organisations to strengthen defences around mobile devices after seeing an escalation in insidious and malicious mobile attacks.

The security vendor’s annual State of Mobile Malware report shows cyber blackmail – or mobile ransomware attacks – led the way as the top malware type in 2015, along with the stealthy insertion of spyware on devices that allows attackers to profile behaviour and online habits.

Hugh Thompson, Blue Coat CTO and senior vice president, says as we sleep, exercise, work and shop with our mobile devices, cyber criminals are waiting to take advantage of the data the devices collect – something Blue Coat says is evident in the types of malware and attacks it is seeing.

And it isn’t just consumers under threat.

“The implications of this nefarious activity certainly carry over to corporate IT as organisations rapidly adopt cloud-based, mobile versions of enterprise applications, opening up another avenue for attackers,” Thompson notes.

“A holistic and strategic approach to managing risk must extend the perimeter to mobile and cloud environments — based on a realistic, accurate look at the problem — and deploy advanced protections that can prioritise and remediate sophisticated, emerging and unknown threats.”

This year’s survey shows ransomware, potentially unwanted software (PUS) and information leakage were the top types of mobile malware, with Blue Coat noting the world of mobile ransomware has grown dramatically over the past year.

“While some varieties that run on Android devices cause little damage beyond convincing victims to pay the cyber hostage-taker, many have adopted more sophisticated approaches common to ransomware in the Windows environment,” Blue Coat says.

The threats render music files, photographs, videos and other document types unreadable, while typically demanding an untraceable form of payment such as Bitcoin.

PUS exhibits behaviour typical of adware or spyware, spying on users’ online activity and personal data or serving extra ads, while information leakage malware watches users and reports out on a 24x7x365 basis.

“This information leakage is usually a minor drip, showing the version of their phone’s operating system, the manufacturer, the specific app or browser being used, or similar information,” Blue Coat says.

The report shows pornography returned as the number one threat vector, after dropping to number two last year. Blue Coat says when it sees a mobile user’s traffic heading to a malicious site, 36% of the time that user is following a link from a porn site.

WebAds, including malvertising attacks and sites that host Trojan apps designed to appeal to – you guessed it – porn site visitors, was the second most common threat vector, but accounted for less than 5%, a substantial drop from almost 20% last year.
