Mobility and Malware-as-a-Service (MaaS) top security concerns

Tuesday, 23 November, 2010

The exploding smartphone market and growing tablet device market, the rise in online banking, and a shift from simple exploit kits to more sophisticated Malware-as-a-Service model for cyber criminals, top the list of cyber concerns in the M86 Security Labs Predictions 2011 Report.

The report, assembled through comprehensive research conducted by M86 Security Labs, examines threats and attacks from the past year and predicts noteworthy trends in cyber security for which organisations should prepare in the year ahead.

“In 2010, we’ve seen dramatic increases in issues regarding mobile malware, as well as growing complexity of Trojan horse attacks in the banking industry,” says Bradley Anstis, vice president of technical strategy, M86 Security. ”And although Malware-as-a-Service isn’t new, we're seeing it take hold. New service offerings signal that the shift may become more prominent in the coming year. In the same way that cloud computing is growing for commercial organisations, cyber crime is also moving this same way.”

The most significant issues topping the report are three areas of market growth that increasingly are being compromised by more sophisticated cyber criminals and their tools.

Exploding smartphone market and growing tablet demand lead to more mobile malware

While the RIM operating system continues to dominate, Google’s Android operating system, and phones running the Google OS, have seen tremendous growth over the last year, including announcements of their adoption into the growing tablet market. While Apple is more strict than Google on its application approval, both vendors have begun to see more vulnerabilities in each of their platforms, with some rogue applications and malware. In addition, in 2010 the ZeuS Trojan targeted a two-factor authentication component on phones running the Symbian operating system, highlighting the fact that smartphones and all mobile platforms are on the radar of cyber criminals. 

This means there are two potential risks: companies give out phones to their employees, or employees use their own phones through their companies’ networks. Likewise, tablets are running the same versions of operating systems as the mobile phones, further expanding the user base. Allowing the use of such devices on the corporate Wi-Fi network is likely to bring more pain in the future. With the proliferation of mobile devices, M86’s Anstis advises that organisations’ IT professionals should ensure that there are clearly defined policies and remediations in place for usage of these devices on the corporate network.

Tools of the trade - data-stealing trojans get more sophisticated

There has been a lot of attention surrounding data-stealing trojans such as ZeuS. Whether there are notable attacks, such as those targeting customers of global financial institutions, to arrest warrants issued by the US and UK governments for hackers who have perpetrated crimes using ZeuS - which number in the hundreds of thousands - the pressure is mounting. As a result, new malware is starting to see its stock rise, such as data stealers like SpyEye, Carberp and Bugat. As staples like ZeuS face heat from authorities, these new entrants will sharpen their skills in order to carry out their attacks unimpeded and keep the money flowing in.

The other area of growth is in the sophistication of these trojans, which have gone from just data stealing to man-in-the-browser attacks, actively participating in cyber crime attacks through internet banking.

Malware-as-a-Service (MaaS) - more services being offered vs traditional applications

Exploit kits, also known as ‘attack toolkits’, have become popular with cyber criminals over the last couple of years. Used as ‘command control’ for cyber attacks, exploit kits have lowered the entry level to cyber crime and given birth to a new ecosystem with many different players with different roles.

According to M86 Security Labs’ research findings, a shift is happening whereby the different players in the cyber crime ecosystem are offering their products as services, teaming up with other players to offer complete, one-stop shop cyber crime-as–a-service capabilities. For example, the NeoSploit and Phoenix exploit kits now offer different malware services to their customers to remove the additional task of finding malware to load into your exploit kit. A decline in the usage of exploit kits is not anticipated by M86 as it  predicts there will be more consolidated service offerings for cyber criminals, instead of just application offerings.

“The vulnerabilities and predictions outlined in this report are intended to provide an overview of what is likely to be a much larger set of threats in the coming year. Smartphone adoption in the enterprise will only continue to grow, and, as the focus shifts toward the tablet platform, we anticipate malware targeting all of the mobile platforms to increase in 2011,” says Anstis. “To outsmart the bad guys, organisations need to first understand where the threats are likely to come from, and then second define exactly what needs to be protected, and how critical it is,” he adds. “But just as important, they must lay out their best practice strategies and policies for proactively combating and staying ahead of the emerging security threats.”

Related News

CrowdStrike to buy Adaptive Shield

CrowdStrike is augmenting its SaaS security capabilities through the acquisition of Israeli-based...

LockBit named nastiest malware of 2024

LockBit, a ransomware malware known to have been used to attack Australian targets, has been...

Extreme Networks launches ZTNA solution

Extreme Networks' new ExtremeCloud Universal ZTNA solution combines cloud network access...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd