News

Hackers Targeting E-Mail, Mobile Devices

Spearphishing and malware attacks via mobile systems, particularly targeting the Android platform, are on the rise, according to a report from software security firm McAfee.

Global spam volumes dropped in early 2011 to their lowest levels since 2007, from a peak of about 5 trillion messages a day worldwide in July 2010 to about 1.5 trillion a day in March. But that drop gives end users and security officials little breathing room, said Dave Marcus, director of security research at McAfee Labs.

"Most of the stuff that ends up in the mailbox still is suspicious if not downright malicious," said Marcus, one of the authors of the report. The ratio of spam to legitimate e-mail was about 3-to-1 at the end of the first quarter.

"It is easier to profile high-end corporations and prominent people than ever before" because of the amount of information available online, Marcus said. "That's the downside of the Information Age. The attackers have a complete understanding of the environment" they are targeting.

Another downside to technology is the growth in malicious code for mobile devices, especially those running the Google Android operating system. The Symbian OS remains the No. 1 target for mobile malware because of its 75 percent share of the market, and Android remains in third place overall behind Java 2 Micro Edition. But Android became the second most-targeted OS in the first quarter, and its share is expected to continue growing.

"Malware threats to the mobile platform continue to evolve in sophistication and functionality at a pace that in many ways eclipses that of PC-based malware," the report states.

"Mobile is going to be troublesome for quite some time," Marcus said. The market share of Android malware is growing quickly because of the rapid adoption of phones that use the OS and the distribution channel for third-party applications. Unlike the system for Apple iPhones, Android applications are not closely controlled and vetted.

"This is already being abused and is going to cause a lot more abuse in the future," Marcus added.

Mobile malware for stealing bank account information is becoming more common, and mobile platforms will become increasingly attractive to criminals as more mission-critical activities are conducted on them, Marcus said.

The drop in spam volume in the first quarter was caused primarily by the takedown of much of the Rustock botnet command-and-control network by law enforcement and security providers. Despite that success, McAfee reported some growth in the decapitated botnet at the end of the quarter and predicted that it would rebuild in the coming months.

But volume is not everything. The threat of well-crafted spear phishing has been demonstrated by recent high-profile attacks that appear to have breached EMC's RSA Security Division, Oak Ridge National Laboratory, Sony, Lockheed Martin, Google and others. Defeating those attacks with filters is challenging, if not impossible.

"You can craft an e-mail that will be able to get through every time," Marcus said. "That negates technological know-how and security expertise."

The solution is to better educate and train end users, he said. Most users are aware of the problem, but training to recognize and properly respond to malicious e-mail is inadequate. "These are two completely different things," Marcus said. "We can do one of them much better."

One of the most effective responses to a suspicious e-mail message is to wait a beat -- or three -- before responding to it, read it critically and, if necessary, call someone to verify its legitimacy. That can be inconvenient for both parties, but "it's a classic case of risk management," Marcus said.

About the Author

William Jackson is the senior writer for Government Computer News (GCN.com).

Featured

  • Tamper Protection Now Available to Microsoft Defender ATP Subscribers

    The Microsoft Defender Advanced Threat Protection (ATP) E5 subscription plan now has an optional "tamper protection" security feature, Microsoft announced on Monday.

  • Exploring OCR, a New Way To Get Data into Excel

    Microsoft recently added a new optical character recognition feature to Excel that lets users import data from a photograph taken from a smartphone. Here's how to use it.

  • Microsoft Authenticator App To Get Real-Time Phishing Protections

    Microsoft is working on adding capabilities to its Microsoft Authenticator app to help defeat security breaches enabled by advanced attack techniques, including phishing and man-in-the-middle methods.

  • A Quicker Way To Create Hyper-V Inventory Reports

    If you need to generate Hyper-V inventory reports but don't want the hassle of writing your own custom PowerShell script, here is a shortcut.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.