The “Five W’s” of Mobile Device Malware: Who, What, When, Where, and Why? … and What Can be Done About It? Kevin McPeak, CISSP, ITILv3 Technical Architect,


1 The “Five W’s” of Mobile Device Malware: Who, What, When, Where, and Why? … and What Can be Done About It? Kevin McPeak, CISSP, ITILv3, Technical Architect, Security, Symantec Public Sector Strategic Programs

2 Who Can Be Affected by Mobile Malware? Governmental, Commercial, and Home Users. Platforms: Apple iOS, Android, BlackBerry, Windows Mobile.
Who Creates & Distributes Mobile Malware? Cyber Criminals and their Accomplices: Malware Developers, Mules, Mobile Botnet Operators, Cyber Thieves, Espionage Rings, Hacktivists.

3 What is Mobile Malware and How Do We Count Them? Each of these applications contains the same piece of malware embedded in it. Each piece of malware is counted as one Family. If this malware is modified, the new version counts as a Variant. We would count the five apps as Samples. We do not report on Samples, but many vendors do.

4 What is the Growth Rate of Android Malware?

5 Vulnerabilities & Mobile Malware. What Mobile Platform Has the Most Vulnerabilities? … What Mobile Device Type Has the Most Threats?

6 What Types of Mobile Malware Exist?

7 When is Mobile Malware Active?
When Mobile Data is Collected: When IMEI and IMSI numbers are taken by attackers as a way to uniquely identify a device.
When Users Are Tracked: When communication data such as SMS messages, call logs, GPS coordinates, calendar events, or personal photos are exfiltrated. Or when a device is hijacked to serve as an e-mail spam relay system, thus allowing unwanted e-mails to be sent from addresses registered to the device.
When Device Settings are Changed: When an attempt is made to elevate privileges or modify OS settings to perform further actions on the compromised devices.
When Bad Apps Send Out Content: When an app sends a text message to a premium SMS number, ultimately appearing on the mobile bill of the device’s owner.

8 Where is Mobile Malware Found? Third-Party App Stores Hosting the Most Malware

9 Where is Mobile Malware Found?

10 Why is Mobile Malware Developed? … because There is Significant Illicit Money Being Made: Premium SMS Messages, Mobile Adware (Madware), Stealing Information, Bank Fraud, Ransomware, Botnets and Spam.

11 Information Stealing Malware: Android.Sumzand
1. User received email with link to download app
2. Steals contact information
3. Sends email promoting app to all contacts

12 Mobile & Social: Everyone Likes to be Liked. And there’s an App for that!

13 Mobile & Social: Instlike gives you 20 free likes on your Instagram photos. And you can buy more.

14 Mobile & Social: Just give the app developer your login and password. Don’t worry, he promises not to steal your account. (Internet Security Threat Report 2014 :: Volume 19)

15 Mobile & Social: Thousands of mobile users willingly gave away their email addresses and passwords for nothing more than a Like. Mobile users are at risk, even from themselves.

16 Internet of Things – The Future. Wearable Devices will soon be measuring: Pulse, Weight, Time Slept, Glucose Levels, Blood Pressure, Exposure to sunlight, Teeth Brushing, and more… As more of our personal information travels the Internet, what will become of it?

17 Mobile Security IQ (Source: Norton Report). [Figure: percentages shown are 72 %, 90 %, 78 %, 56 %, 48 %, and 33 %; behaviours charted are "delete suspicious emails from people they don’t know", "have at least a basic free antivirus solution", and "avoid storing sensitive files online".]

18 Vulnerability Patching. Service Providers, iOS, Google, OEMs. … The Problem Exists, so What Can be Done About It?

19 … What Can be Done About It? (Continued)

20 … What Can be Done About It? (Continued)
NIST Special Publication 800-163, "Technical Considerations for Vetting 3rd Party Mobile Applications": Allows Federal agencies to assess the following for any given mobile app: Security, Behavior, Reliability, Performance.
AppVet: In conjunction with DARPA, NIST developed the AppVet program. It allows Feds to submit an app for testing and uses open source and commercially available tools.

21 … What Can be Done About It? (Continued)
Deploy Mobile Security Software Throughout Your Organization: At a minimum, this software should scan and identify threats from any mobile apps or content that the user downloads.
Establish a Robust, Highly Secure Mobile Device Management Framework for Your Agency: Managing your organization’s mobile devices is not just about remote wipe commands for lost/stolen devices and OTA password resets. You should also set up a system for mobile app management across the entire app lifecycle. Likewise, you should manage your organization’s mobile content ecosystem in the same secure end-to-end manner.
Enforce User Mobile Security Training: Users must be constantly reminded to avoid clicking on suspicious links in messages, to keep their personal mobile devices updated, and to only download apps from officially sanctioned App Stores.

22 Thank you! Kevin McPeak, kevin_mcpeak@symantec.com, @kevin_mcpeak, symantec.com/threatreport, mobilesecurity.com/
Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

