Quote of the Week: How to Protect Your Smartphone from Targeted Attacks
10 Nov 2011
Denis Maslennikov, Senior Malware Analyst, Global Research and Analysis Team, Kaspersky Lab:
People would be surprised if they knew that cybercriminals might be looking for ways to attack their smartphones. But if you consider these three points it doesn’t sound so crazy.
First of all, in 2011 Kaspersky Lab experts detected almost 3 times as much mobile malware than we discovered in the previous six years. Secondly, the general vector of attacks has started to change. Cybercriminals are not only interested in profit and stealing money from potential victims – they are also hungry for information. Attacks on Sony, RSA, large international corporations, diplomatic missions and military bases have confirmed this trend: the issue of targeted attacks is more relevant than ever today. Even though these recent examples revolved around attacks on PCs, we can assume that mobile attackers will apply the same principles to smartphones.
Finally, sales of smartphones are growing fast. Already many people cannot imagine life without these devices – we use them at home, on vacation, in the office. At the same time, that merger between corporate and consumer mobile use creates a new problem – even though our smartphones contain valuable information for cybercriminals, people are much more careless about the safety of these devices, than, for example, laptops or PCs. That’s why smartphones are becoming an easy entry point for attacks.
Of course, we can still make it difficult for cyber attackers. After all, they need to get physical access to the device, or deliver malware using social engineering tricks to tempt the user into following an infected link. But if that information is accessed or stolen, it can be sold, made public, modified or used to blackmail the user.
To minimize the risks, please follow this advice:
- Don’t use public or untrusted Wi-Fi networks
- Always keep an eye on your device
- Corporate devices should come with mandatory remote wipe software
- Update OS and third-party software regularly
- Read all permissions carefully
- Ignore all spam messages, especially with URLs
- Use encryption
- Avoid jailbreaking or ‘rooting’.