Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Five new threats to your mobile device security

Stacy Collett | May 22, 2014
Attacks that proved successful on PCs are now being tested on unwitting mobile device users to see what works -- and with the number of mobile devices with poor protection soaring, there are plenty of easy targets. "Attackers are definitely searching after the weakest point in the chain," and then honing in on the most successful scams, says Lior Kohavi, CTO at CYREN, a cloud-based security solutions provider in McLean, Va.

"You click on the SMS and download the app, and they basically own your desktop and your phone," he says.

4. Cryptocurrency mining attacks

Wondering why your mobile device is losing battery power too quickly or why it feels overheated? You might have cryptocurrency mining malware on your device. The malware infiltrates mobile devices in search of digital currencies, like Bitcoin, Litecoin and Dogecoin. 

Found mostly in Android devices, the apps were injected in many cases with the CPU mining code from a legitimate Android cryptocurrency mining app. The miner is started as a background service once it detects that the affected device is connected to the internet.  By default, it launches the CPU miner to connect to a dynamic domain, which then redirects to an anonymous digital currency mining pool.

"The reality is that the capabilities on the phone aren't as great as they are in a big server or mainframe attacks," says Kohavi. "But it's a trial and error for these organized criminals to be able to put their foot into an area and then leverage that and see what they can get out of it."

5. The enemy is us

Despite the 24/7 reliance on mobile devices by most consumers, they don't appear to be getting any smarter about security, researchers say. In 2012, 44 percent of adults were unaware that security solutions existed for mobile devices, according to Symantec's Threat Report. That number rose to 57 percent in a 2013 Threat Report, released in April 2014.  A lack of education among mobile users is partly to blame, according to report.  Also, people who had feature phones with limited security requirements became smartphone users and weren't aware of the need to install a security app.

Looking ahead, experts agree that mobile device malware and scams will only increase as users pack their mobile phones with more rich and sensitive data — and the implications will be even greater for businesses that hire young workers.

"Gen Y is a very social and sharing culture," says Chris Silvers, owner and principal information security consultant CG Silvers Consulting in Atlanta. With a new generation of workforce emerging, "it's going to be interesting to see how they handle [their sensitive information].  There's so much information already out there — you just can't go get it back."

 

Previous Page  1  2  3 

Sign up for Computerworld eNewsletters.