Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Mobile Malware Not a Big Problem in US: Damballa

Research presented on Wednesday by automated breach defense solutions provider Damballa at the RSA Conference in San Francisco shows that mobile malware infection rates in the United States are low.

Research presented on Wednesday by automated breach defense solutions provider Damballa at the RSA Conference in San Francisco shows that mobile malware infection rates in the United States are low.

Damballa, which currently monitors nearly half of the mobile data traffic in the United States, conducted a test over a one-month period in the fourth quarter of 2014. The company identified roughly 150 million mobile devices that connected to over 2.7 million unique hosts.

However, researchers determined that only 0.0064 percent of these devices, representing 9,688 devices, connected to a domain on the mobile blacklist (MBL). The security firm has pointed out that there is a bigger chance of being struck by lightning (0.01 percent chance in a lifetime) than having a mobile device infected with malware.

Damballa conducted a similar study in 2012, when the company was monitoring one third of the mobile data traffic in the United States. At the time, roughly 3,500 of the 23 million devices they had identified (0.015 percent) contacted a malicious domain.

Based on passive DNS (pDNS) data collected at recursive DNS level, researchers have also determined that only 1.3 percent of “mobile” hosts were not in the set of hosts contained by historical non-cellular pDNS data. This indicates that there is a significant overlap between mobile hosts and wired hosts — mobile applications are using the same hosting infrastructure as regular applications.

As Damballa senior scientific researcher Charles Lever points out, “mobile Internet is really just the Internet.”

“This research shows that mobile malware in the Unites States is very much like Ebola – harmful, but greatly over exaggerated, and contained to a limited percentage of the population that are engaging in behavior that puts them at risk for infection,” Lever said. “Ask yourself, ‘How many of you have been infected by mobile malware? How many of you know someone infected by mobile malware?’”

While reports released by many security firms show an increasing number of mobile malware samples, some recent studies show that mobile threats have been overhyped. Google published a report earlier this month saying that malware infections on the Android platform have been cut in half in the past year.

Advertisement. Scroll to continue reading.

Verizon’s latest Data Breach Investigations Report (DBIR) also revealed that mobile devices are not a preferred attack vector in data breaches.

“Mobile devices have clearly demonstrated their ability to be vulnerable. What we are saying is that we know the threat actors are already using a variety of other methods to break into our systems, and we should prioritize our resources to focus on the methods that they’re using now,” Verizon said.

At the RSA Conference, Damballa also announced the launch of Damballa Failsafe 6.0, the latest version of the company’s advanced threat detection platform.

“Failsafe 6.0 leverages a distributed computing architecture that enables the seamless addition of powerful new detection modules, ease of integration with other security technologies, and more efficient processing power. As a result, enterprises can ‘future-proof’ their threat detection platform to deal with current and emerging threats,” Damballa said.

RSA Conference 2015 Coverage:

DevOps and Security Mingle at RSA Conference

Raytheon, Websense Discuss Integration Plans

Information Security Must Take 5 Steps to Emerge From Dark Ages

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

SSH Communications Security has appointed Pauli Haikonen as the company’s Chief Information Security Officer (CISO).

Cloud and container security firm Sysdig has tapped William Welch as CEO on its path to an IPO.

Dave Scher has been promoted to Deputy Chief Information Officer at MITRE.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.