May 11, 2011 at 12:42 PM ET
Every time you carry your smartphone out and about, you're making criminals' jobs easier, as exposure to security risks on mobile devices is higher than ever, especially on application downloads, with Android malware up 400 percent and Wi-Fi networks increasingly vulnerable to attack.
Juniper Networks put together "Malicious Mobile Threats Report 2010/2011," a global mobile threat study released Tuesday that zeroes in on cyber criminal trends and the means to counter those invasions.
Though smartphones serve as mini-computers, most people don't seem to take the same precautions they would on computers.
Jeff Wilson, principle analyst at Security at Infonetics Research had this to say:
"The last 18 months have produced a non-stop barrage of newsworthy threat events, and while most had been aimed at traditional desktop computers, hackers are now setting their sights on mobile devices. Operating system consolidation and the massive and growing installed base of powerful mobile devices is tempting profit-motivated hackers to target these devices ...
In a recent survey of large businesses, we found that nearly 40 percent considered smartphones the device type posing the largest security threat now."
The report was compiled by the Juniper Networks Global Threat Center (GTC) research facility, an organization "dedicated to conducting around-the-clock security, vulnerability and malware research tailored specifically to mobile device platforms and technologies."
The organization dove into attacks over the past year and a half, including Android malware scares Myournet/Droid Dream, Tap Snake and Geinimi "as well as the pirating of the 'Walk and Text' application, new threat vectors for mobile cybercrime, and the potential for exploitation and misuse of mobile devices and data."
One of the report's key findings was that application downloads are "the single greatest distribution point for mobile malware" but for the most part, smartphone users aren't using antivirus scans to pro-actively defend against malware.
Other key points:
- Wi-Fi Worries: Mobile devices are increasingly susceptible to Wi-Fi attacks, including applications that enable an attacker to easily log into victim email and social networking applications
- The Text Threat: 17 percent of all reported infections were due to SMS trojans that sent SMS messages to premium rate numbers, often at irretrievable cost to the user or enterprise
- Device Loss and Theft: 1 in 20 Juniper customer devices were lost or stolen, requiring locate, lock or wipe commands to be issued
- Risky Teen Behavior: 20 percent of all teens admit sending inappropriate or explicit material from a mobile device
- "Droid Distress": The number of Android malware attacks increased 400 percent since Summer 2010
On that last point, the popularity of an operating system seems to directly correlate with being the target of enterprising hackers, because before the emergence of Android, Symbian devices were most plagued by mobile viruses.
And it's not enough for app stores to respond after viruses have already been detected. Dan Hoffman, chief mobile security evangelist at Juniper Networks, said "App store processes of reactively removing applications identified as malicious after they have been installed by thousands of users is insufficient as a means to control malware proliferation. There are specifics steps users must take to mitigate mobile attacks. Both enterprises and consumers alike need to be aware of the growing risks associated with the convenience of having the Internet in the palm of your hand."
To that end, Juniper has these recommendations to safeguard what has become an extra appendage to many:
- Install an on-device anti-malware solution to protect against malicious applications, spyware, infected SD cards, and malware-based attacks on the device
- Use an on-device personal firewall to protect device interfaces
- Require robust password protection for device access Implement anti-spam software to protect against unwanted voice and SMS/MMS communications
- For parents: use device usage monitoring software to oversee and control pre-adult mobile device usage and protect against cyberbullying, cyberstalking, exploitative or inappropriate usage, and other threats
Sign up here to check out the report for yourself. After filling in your information, you'll see the PDF on the next page.