third annual mobile threats report
DESCRIPTION
Our Third Annual Mobile Threats Report takes a look at current trends in malware and shares ways to protect your mobile network. Read the report here: http://juni.pr/11FUxk3TRANSCRIPT
Copyright © 2013 Juniper Networks, Inc. www.juniper.net
THIRD ANNUAL MOBILE THREATS REPORT
Juniper Mobile Threat Center Research
June 2013
2 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E D E V I C E S
MARKET TRENDS
“Of the 1.875 billion mobile phones to be sold in 2013, 1 billion units will be
smartphones, compared with 675 million units in 2012.” – Gartner
“Tablet shipments alone to outpace the entire PC market by 2015” - IDC
Canalys: 2012 worldwide smart phone shipments
3 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
GROWING EXPONENTIALLY
614% increase in malware samples! Total mobile malware samples across all platforms
increased to 276,259 at the end Q1-2013
133% more mobile applications analyzed! Juniper’s MTC examined 1.85 million mobile
applications compared to 793,631 in 2011
M O B I L E M A L W A R E
4 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
ANDROID - GAINING SHARE
M O B I L E M A L W A R E
5 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
SUPPLY CHAIN
Russia and Eastern Europe - hotbeds for malicious mobile activity. Malware is an
easy moneymaking venture…
China - rapidly expanding population of smartphones and an attractive market for
cyber criminals…
US and Western Europe - large smartphone markets…
6 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
PATHS TO PROFITS
9 out of every 10 malicious mobile
applications:
• 29% Fake Install apps
• 48% SMS Trojans
• 19% Spyware Applications
7 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
FRAGMENTED ECOSYSTEM A Fragmented Android Ecosystem
contributes further to malware threat
• 41% of devices still running
Gingerbread or older version
• Only 4% running version 4.2x
• In contrast iOS6 reported close to
90% adoption ( third party est. )
Android - Open for Malware •Annonymity of app developers
• Loosely managed marketplace
• Fragmented ecosystem
8 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
IT’S THE SEASON!
More than half of malware is created from Oct to Jan
• Smartphones and tablets are hot gift items
• App download picks up as new devices come online
9 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
BYOD: ENTERPRISE THREAT MTC Research indicates several attacks that could impact enterprise
• Attacks could be used to steal information
• Or, stage larger network intrusions
• Junos Pulse Mobile Security Suite data: 3.1% of enteprise user
device with at least one infection over the year
NotCompatible • Malware distributed by drive-by downloads, connects to C&C server
• Evidence of distribution by email phishing attacks suggests it could be used for
directed device attacks leading to an enterprise breach
Tascudap • Example of a complex and feature-rich mobile botnet that could be used to attack,
distribute spam and be part of DDoS against an enterprise.
• Tascudap mimics the Google Play icon to trick user to click in third pary app stores,
webpages or phishing messages
• Messages supported could compromise the device to become part of DDoS, send
premium SMS or monitor messages/calls
10 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
BYOD: DATA & APP PRIVACY
Insecure or Voracious Mobile Apps could
undermine enterprise security:
• One-third free apps had permission to
track user’s location
• Apps downloaded without corporate
oversight can access corporate
address book, documents and location
App Privacy Violations: An Upward Trend
• Juniper MTC researched 1.6 M Apps;
increasing population of apps, both free
and paid, that are seeking more access
• FTC Staff report recommended number
of improvements in Feb ’13, but
progress is slow
11 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
BYOD:DEVICE LOSS & THEFT
Loss of Data and Intellectual Property are top of mind concerns in
BYOD
• Loss of device, specially without strong access password and data
encryption can be a serious loss to business and gov organizations
• MTC saw that a sizable number of Junos Pulse Mobile Security Suite
customers used Locate and Lock functions but only a small fraction
actually used Wipe function
12 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
REVISITING 2011 PREDICTIONS
Prediction 1: Further dramatic malware growth Numbers don’t lie - the growth of malware through March of 2013 continues to grow at a
steady clip, with a clear focus on Android. We were on target with this prediction.
Prediction 2: Targeting of device applications The continued popularity of Fake Installer malware suggests that malicious actors have
found easier means to do so than by exploiting vulnerabilities in the underlying mobile
application code. Mark this as “to be continued.”
Prediction 3: Focus on mobile banking Mobile banking was a focal point for malware writers and security researchers alike in
2012. Malware such as Zitmo (Zeus-in-the-Mobile) or similar styles of applications geared
towards thwarting financial transaction authentication mechanisms continued to surface.
We were mostly right on this prediction.
Prediction 4: Direct attacks grow While exposed vulnerabilities certainly exist in nearly every mobile operating platform, it
remains difficult for attackers to launch viable attacks at devices whose locations,
network reliance and identities continually change. This prediction didn’t pan out.
13 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
FUTURE OUTLOOK 1. Android adoption – and Android malware – outpaces competitors We believe that the current trends in smartphone and tablet adoption will continue, if not
intensify. While direct attacks on Android are possible, we expect that the current focus on
Trojan-izing mobile applications will continue, as attackers are still garnering plenty of
success in penetrating official and third-party Android application marketplaces.
2. Continue to keep an eye on research of the iOS platform However, with a shrinking share of the smartphone market, especially outside of North
America, Apple could find itself in the same position with its mobile operating system as with
the MAC desktop operating system: controlling a small piece of the market and seeing a
proportionally small share of the malicious activity.
3. Coordinated efforts to snuff out SMS fraud The SMS Trojan problem is linked closely with “Premium SMS” operations in Europe and
Asia, creating something of a choke point for Premium SMS or “Toll Fraud” malware.
Concerted efforts by regulators to put pressure on SMS aggregators and wireless providers
to implement features that make it harder for malware to send or approve premium SMS
messages could dry the swamp of illegal funds linked to this major category of mobile
malware.
14 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
ENTERPRISE GUIDANCE
3. Control the Attack Surface • Implement secure access systems that provide network-level mobile security
• Consider mobile security solutions that integrate well with back-end servers, NAC
and policy servers for internal and regulatory compliance
• Utilize mobile device management (MDM) features that blacklist known bad
applications
• Manage what corporate device users can download
1.Secure Connectivity • Implement mobile VPN, with strong
identity-based authentication, SSO, etc.
• Explore application-level VPN and
container technologies
2. Protect against Malware • Enable on-device mobile anti-virus and
network level protection
• Use device tracking and control,
including strong passcode and encryption
enforcement
15 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E JUNOS PULSE MOBILE THREAT CENTER
Worldwide 24/7 Team of Leading Security Experts
Team with vast experience in Security, Information
Technology, Engineering, Software Development, and
Management
Team members have advanced degrees in Engineering and
various training courses completed
Certified Ethical Hackers (CEH),Certified Hacking Forensic
Investigators (CHFI) and Certified Wireless Network
Administrators (CWNA)
Certified Information Systems Security Professionals
(CISSP)
Team members located in different time zones to ensure
timely responses to emerging threats
16 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
JUNIPER MOBILE SECURITY
Juniper Networks’ Junos Pulse client and Junos Pulse services
simplify secure access and connectivity to networks based on the
device type and device security posture, location, user identity and
role, and adherence to corporate access security policies. For mobile
devices, Junos Pulse provides secure connectivity, mobile threat
protection, and remote mobile device configuration and management
in a single solution. Junos Pulse is available for major mobile
operating systems in addition to Windows and Mac OS: iOS, Android,
BlackBerry and Windows Mobile.
For more information please visit: www.juniper.net/junos-pulse
17 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
M O B I L E M A L W A R E
THROUGH BROAD COVERAGE,
FLEXIBLE DEPLOYMENT
OPTIONS, SCALABILITY AND
OPERATIONAL SIMPLICITY,
JUNIPER PROVIDES SOLUTIONS
THAT SPAN THE ENTIRE
SECURITY SPECTRUM
Platforms
Applications
and Content
COMPREHENSIVE
SECURITY Connectivity
18 Copyright © 2013 Juniper Networks, Inc. www.juniper.net
T h a n k y o u !