Security Experts:

Android Sees 400 Percent Increase in Malware, Says Juniper Networks

Juniper Networks released the results of a global mobile threat study this week, showing a significant rise in threats to mobile devices. The report highlighted a record number of mobile security threats, including a 400 percent increase in malware targeting the Android operating system, as well as highly targeted Wi-Fi attacks.

With the continued trend of consumerization of mobile devices including iPhones, iPads, and Android devices, and the increasing amounts of company data that’s being storied on these devices, it should not be surprising that they have become an attractive target for cybercriminals.

Mobile Security ThreatsMuch debate has taken place in the industry regarding app store security and, specifically, how applications—many times created by amateur developers—should be examined, policed, and monitored. Ultimately, endpoint security software is the best prevention against mobile malware, Juniper says.

The Juniper report references an interesting stat coming from a 2010 SANS Institute report that showed that 85 percent of smartphone users were not employing an antivirus solution on their mobile device to scan for malware. Of the 15 percent of the survey respondents who were using an antivirus product on their smartphone, one in five of those users reported having been infected with a malicious application. according to SANS, that number is higher than the overall infection rate for PCs in North america, which remains between seven and ten percent.

The report, "Malicious Mobile Threats Report 2010/2011" was compiled by the Juniper Networks Global Threat Center (GTC) research facility, located in Columbus, OH which became part of the company following the $70 million acquisition of SMobile Systems back in July of 2010.

Interesting Report Findings Include:

App Store Threats: The single greatest distribution point for mobile malware is application download, yet the vast majority of smartphone users are not employing an antivirus solution on their mobile device to scan for malware

Wi-Fi Threats: Mobile devices are increasingly susceptible to Wi-Fi attacks, including applications that enable an attacker to easily log into victim email and social networking applications

The Text Threat: 17 percent of all reported infections were due to SMS trojans that sent SMS messages to premium rate numbers, often at irretrievable cost to the user or enterprise

Device Loss and Theft: 1 in 20 Juniper customer devices were lost or stolen, requiring locate, lock or wipe commands to be issued

• In April 2011, the android world saw the fourteenth-rated application on the “101 best android apps” list, “Walk and Text,” pirated off of the android Market. However, this case was a little different—the developer who pirated and repackaged the application only meant to ridicule users who were installing pirated applications.

• In 2010 and continuing into 2011, researchers at Indiana University, Bloomington collaborated with City university, Hong Kong to explore the possibility of “sensory malware” and communications interception. The research initiative gave way to the proof-of-concept “soundminer” application, which is capable of leveraging an android device’s microphone to monitor when a user calls a known credit card company.

• Studies have shown that, once a mobile device connects to a Wi-Fi network, it is susceptible to Man-in-the-Middle (MITM) attacks, just like any other networked device on that segment

"These findings reflect a perfect storm of users who are either uneducated on or disinterested in security, downloading readily available applications from unknown and unvetted sources in the complete absence of mobile device security solutions," said Dan Hoffman, chief mobile security evangelist at Juniper Networks. "App store processes of reactively removing applications identified as malicious after they have been installed by thousands of users is insufficient as a means to control malware proliferation. There are specifics steps users must take to mitigate mobile attacks. Both enterprises and consumers alike need to be aware of the growing risks associated with the convenience of having the Internet in the palm of your hand."

For Enterprises, Government agencies and SMBs, the report recommends the following:

• Employ on-device anti-malware to protect against malicious applications, spyware, infected SD cards and malware-based attacks against the mobile device

• Use SSL VPN clients to effortlessly protect data in transit and ensure appropriate network authentication and access rights

• Centralize locate and remote lock, wipe, backup and restore facilities for lost and stolen devices

• Strongly enforce security policies, such as mandating the use of strong PINs/Passcodes

• Leverage tools to help monitor device activity for data leakage and inappropriate use

• Centralize mobile device administration to enforce and report on security policies

"The last 18 months have produced a non-stop barrage of newsworthy threat events, and while most had been aimed at traditional desktop computers, hackers are now setting their sights on mobile devices. Operating system consolidation and the massive and growing installed base of powerful mobile devices is tempting profit-motivated hackers to target these devices," Jeff Wilson, principle analyst, Security at Infonetics Research. "In a recent survey of large businesses, we found that nearly 40 percent considered smartphones the device type posing the largest security threat now. Businesses need security tools that provide comprehensive protection: from the core of the network to the diverse range of endpoints that all IT shops are now forced to manage and secure."

Related Reading: Rethinking Cybersecurity in a Mobile World

Related Reading: Got Android? Some Considerations on Permissions and Security

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.