Taking security for mobile to great heights

Cyber criminals are no longer developing entirely new malware. It has become more sufficient to make small changes to existing families in order to evade security, an indication that the threat environment is getting more and more sophisticated



Laptops and desktop computers aside, mobile phones too need virus protection. The work place of today is where the Smartphone is being used along laptops and desktop computers. That’s why Check Point, a network cybersecurity vendor, is making it easy for users by providing a data based breakdown of new and prevalent threats, as well as the ways of dealing with the risks.

Threat intelligence drawn from the company’s ThreatCloud World Cyber Threat Map, which tracks how and where cyber attacks are taking place in real time has left people scratching the back of their heads with the begging question in everyone’s lips being; how do you protect today’s 5th generation mega attacks that target networks, clouds, mobile devices, and end points?

This year alone, more than 1,500 different malware families were identified during January, 1,400 in February and 1,300 in March. Throughout the quarter, the Conficker and Sality families were two of the most commonly used malware variants in the quarter, with Sality ranking first in both Nigeria and Kenya. In mobile devices specifically, Hummingbad, which was previously an unknown agent, ended the quarter as the top threat globally.

Discovered in February 2016, Hummingbad agent became the seventh most common malware detected targeting corporate networks and devices, and in March it moved up to the sixth spot. It targets Android devices specifically, facilitating malicious activity such as installing key-loggers, stealing credentials and bypassing encrypted email containers used by companies, allowing for interception of corporate data. It was the third highest threat in Kenya in the first quarter, and seventh in Nigeria.

Rick Rogers, area manager for East Africa and West Africa at Check Point Sotfware Technologies says that the increase in threats targeting mobile devices reveals deep gaps in the threat environments. To him, if your device is compromised then your data is also compromised.

“I think there’s a number of things that underpin statistics,” Rogers says. “The way that mobile malware specifically spreads is in the millions. You can have traditional malware that’s infecting companies and maybe it attacks 20,000 laptops or 20,000 end points. When you compare that in millions you can quickly see that mobile malware is becoming very attractive to hackers.”

Mobile malware just spreads, so it seems. Actually, when you embed malware into an application and people want that application, the distribution point for that is inside the app. If 5 million people download that malicious app for example, what it means is that 5 million people are with the malware.

But as cyber-criminals continue to target mobile devices, experts talk of a decrease in the variety of malware families. There is now a concentration trend whereby cyber criminals are no longer developing entirely new malware. It has become more sufficient to make small changes to existing families in order to evade security, an indication that the threat environment is really getting more and more sophisticated.

“This quarter, mobile malware ranked as one of the ten most prevalent attack types affecting corporate networks and devices for the first time ever. With Africa being the ‘mobile-first’ and often ‘mobile-only’ continent, this new wave of threats is likely to have a strong impact on the number of attacks evidenced in the region,” rogers says, adding that individuals who run their businesses off mobile devices, as well as organisations who have a bring-your-own-device policy, should ignore proper security strategy at their own peril.

“It is necessary to apply the same level of security to mobile as required by traditional networks and PCs, and security professionals must have a coherent, over-arching threat management approach that addresses this. The way that mobile malware can distribute using app is helpful for hackers but very bad for us. It’s so quickly going to overtake traditional malware because of the ease that they can distribute,” says Rogers.

Based on how most employees balance the use of personal devices like mobile phones and work equipment like computers and laptops, it is good enough to live in reality that it is important to protect all devices. At a time when one uses his/her personal device for work as well, there is a dilemma. Probably you are getting emails, notifications for work… an employer ought to protect “that device”. It is a fact that when an employee downloads a malicious application, that device will be infected. Once the device is infected, everything he or she does for work is potentially exposed – mobile malware has become a major business concern, which about 10 years ago was not the case.

On one end mobile phone is very powerful. That’s perhaps why it is also important to empower employees to think about it in terms of security. It is very rare to use a physical computer or a laptop that has no antivirus technology. It’s quite natural. But not many individuals, and even organizations are aware that there is another computer in the pocket; the Smartphone.

At a time when 99.9% of iPhone users use latest system while only 30% of android uses run on latest applications, it is clear that a device itself also matters a lot. Yet we let these android devices (which are always not protected by antivirus) connect to work emails, and our wi-fi. Mobile has become the new window of data – we exchange information through mobile far more than we do on physical computer. Well, if that personal device is compromised, an enterprise’s data is also compromised. But what should we do? How important is a corporate phone?

According to Mr Rogers, response to this should go like … “We are going to buy you a corporate phone”. Many companies do so. Or, “I want you to use your personal phone, but I will protect it for you” – of course this should be tolerated only when there’s an assurance that the company is not snooping on what you are doing.

Citing 65 billion messages sent on Whatsapp (showing no use of slow down), people live in a mobile world. People are very mobile focused these days. From group meetings to sending messages related to business, and fun, mobile craze is not ending any time soon. But did you know that an application like Whatsapp is not that secure?

“You may assume that the message you’ve sent is what your boss has received, for example. So what we think is secure is not really secure. We want to believe that the things that we use are fundamentally secure… Hackers are using this. We’ve made hackers’ life so easy. And we can no longer pretend that we are not aware that mobile risks are very real and are on the rise,” says Rogers.