Mobile attacks are more vicious than ever, according to the latest report from security firm Blue Coat Systems.
An increase in insidious and malicious attack types is turning mobile users into cyber hostages, sounding an alarm for individuals and organisations to strengthen defences, according to the 2015 State of Mobile Malware Report.
As mobile devices become more deeply woven into the fabric of people’s personal and professional lives, cyber criminals using increasingly vicious and disturbingly personal attacks, the report said.
Cyber blackmail through mobile ransomware attacks is quickly emerging as the top malware type in 2015, along with the stealthy insertion of spyware on devices that allows attackers to profile behaviour and online habits, researchers found.
“As we sleep, exercise, work and shop with our mobile devices, cyber criminals are waiting to take advantage of the data these devices collect, as evidenced by the types of malware and attacks we’re seeing,” said Hugh Thompson, chief technology officer and senior vice-president at Blue Coat.
“The implications of this nefarious activity certainly carry over to corporate IT as organisations rapidly adopt cloud-based, mobile versions of enterprise applications, opening up another avenue for attackers,” he said.
According to Thompson, a comprehensive and strategic approach to managing risk must extend the perimeter to mobile and cloud environments.
“This must be based on a realistic, accurate look at the problem and deploy advanced protections that can prioritise and remediate sophisticated, emerging and unknown threats,” he said.
According to the report, pornography has returned as the number one lure after dropping to number two during 2014, with 36% of malicious traffic linked with porn sites, up from just 17% in 2014 and just 22% in 2013.
Conversely, malicious adverts (malvertising) dropped from almost 20% in 2014 to less than 5% in 2015, including malvertising attacks and sites that host Trojan horse apps designed to appeal to porn site visitors.
Blue Coat has also tracked and defined suspicious WebAd networks that are heavily involved in malware, scams, potentially unwanted software and other criminal activities.
The three top types of malware in this year’s report are ransomware, potentially unwanted software and information leakage.
Mobile ransomware on the rise
According to the report, the world of mobile ransomware has grown dramatically over the past year. While some varieties that run on Android devices cause little damage beyond convincing victims to pay the cyber hostage-taker, many have adopted more sophisticated approaches common to ransomware in the Microsoft Windows environment.
With the increased performance capabilities of modern smartphones, it was only a matter of time before more advanced cryptographic ransomware, such as SimpleLocker, started showing up on mobile devices, the report said.
These threats render music files, photographs, videos and other document types unreadable – while typically demanding an untraceable form of payment such as Bitcoin – and employ a strict time limit for payment before the files become permanently inaccessible to the owner.
Potentially unwanted software generally exhibits behaviour typical of adware or spyware, spying on users’ online activity and personal data or serving extra ads.
Blue Coat researchers have seen a major shift in the volume of such software in the traditional malware space – and this is also true of the mobile space – as the number of junk mobile apps hosted on sites the researchers classify in this category has been rising steadily.
This type of mobile app, notable for its dubious utility, frequently finds its way onto a mobile device through the use of deceptive advertising, or other social engineering attacks designed to deceive the victim into installing the unwanted program.
Apps leaking information
According to the report, most people are unaware that apps on their mobile device may be watching them and reporting on them on a continual basis.
This information leakage is usually a minor drip, showing the version of their phone’s operating system, the manufacturer, the specific app or browser being used and similar information.
Complicating matters, the report said, is the fact that there are typically no included system tools available for users to see or know what data is going out of their devices.
With no signs of slowing down, the report said the market for mobile devices is booming, which means mobile payment systems are also set to grow.
“Services including contactless payment methods will incorporate additional security features, such as biometrics or two-factor authentication,” the report said.
But Blue Coat said there are already too many mobile devices vulnerable to a host of threats in use, and that these devices will almost certainly not receive needed operating system updates, which in turn will drive a market in security systems that can support traditional PC and mobile platforms.
Mobile carriers and handset makers are already working on plans to fast-track critical over-the-air updates to vulnerable devices, the report said, but the work is slow and it may be some time before this segment of the mobile market matures.