India Ranks #4 for Mobile MalwareNew Report Cites Danger from Smart Phone Growth, Old Software
India is the world's 4th biggest target of mobile malware, according to a new report, with the capital New Delhi hosting the highest number of SMS attacks sending mobile malware. Great Britain has a whopping 23 percent of the mobile malware pie, followed by France (11%), Saudi Arabia (9%) and India (8%).
This news comes from security vendor F Secure's H1 2014 report, which finds that the top five most Infected Indian cities are Chandigarh, Bangalore, Hyderabad, Chennai and New Delhi, indicating that Tier-II cities in the country are fast becoming favored destinations for mobile malware.
The proliferation of cheap smart phones and mobile telephony are major contributing factors, says Goh Su Gim, Security Advisor, APAC, F-Secure.
"Many more first-time adopters are coming in the smaller cities due to the newly available 2G and 3G connectivity in these geographies," Goh says. He believes that while this trend might taper off in these cities over time, it is bound to replicate itself in the other cities as smartphone usage peaks.
From a global perspective, 25 new Mac malware threats have been identified in the first quarter of 2014, with 13 belonging to five new families. The report notes that "actual malicious apps on iOS are few and far between, but they do exist ... but have so far only been effective against jailbroken devices." In contrast, more than 294 new malware variants have been identified for the Android platform in the same period - a testament to the platform's popularity and the attention it is receiving from cyber criminals.
"While checking the software name remains a standard security precaution for desktop threats, the same advice is difficult to apply to Android," the report advises. "Vigilance at the point of download remains for now the most effective precaution mobile users can take to avoid Trojans."
The report also finds that India is a hub for botnet infections, with viruses such as Ramnit and Sality still rampant in the wild. Bot-infected PCs in India are being used mainly for distributed-denial-of-service attacks, spamming and possibly Bitcoin mining. "Half of all infections detected are botnet-related, which is also a side effect of more and more people getting online," Goh says.
The largest threat in the PC segment still lies with the 6-year-old Downadup/Conficker worm. The worm has infected millions of PCs in more than 200 countries since it was identified in 2008. Its continued presence indicates the continued use of outdated and unpatched software, such as Microsoft's Windows XP, especially in developing countries such as India.
Goh says one surprising finding is that threats such as ransomware attacks that are escalating in other parts of the world have yet to catch on in India. But he expects the influx of mobile malware and botnets into the Indian ecosystem to lay the foundation for more sophisticated attacks.
The Windows XP Problem
Goh shares that India is still seeing traditional virus attacks, which are uncommon elsewhere, and this may be because of the aging software ecosystem. In countries such as India, legacy architecture dependency and budgets, among other reasons, dictate that enterprises are unable to migrate from Win XP anytime soon. This opens up a Pandora 's Box of problems in today's rapidly evolving threat landscape. "Such organizations will have to depend on third-party solution providers to provide patches, support and security solutions, since Win XP has already announced end of life," he says.
Goh advices enterprises unable to migrate from Win XP and other outdated/unsupported platforms to maintain basic network hygiene. Fundamental activities, such as patching all applications and operating systems, need to be conducted consistently. For instance, plug-in-based flash attacks are still in evidence, Goh says, because where organizations may have patched the OS, they have overlooked that these attacks are now coming in through the browser.
The report also notes that hackers are now extensively targeting small and midsized enterprises, as large enterprises are now well defended.
Looking ahead to 2015, Goh expects to see a continuation of in-the-wild attacks targeting end of life products, such as Win XP. And given that the mobile ecosystem is growing, mobile malware will get more sophisticated, he predicts.
"Hackers will focus on mobile platforms more now since mobile devices are increasingly becoming the preferred way for people to get online," he says.
Goh says this may be the reason the vast majority of attacks are now focused on the Android mobile platform, because this is the most popular platform in the region. Based on evidence to date. F Secure expects the mobile threat landscape in India to grow at a steady rate in the next three to six months.