Symantec: Mobile Adware and Malware Trends

By Symantec.

According to a research paper by Symantec, here are the latest mobile Adware and Malware trends:
  • Percentage of “madware” (overly-aggressive mobile adware) on Google Play steadily increasing – Twenty-three percent of all apps in the Google Play store this year contained aggressive ad libraries, compared to 15 percent in 2012.
  • The aggressive actions “madware” (overly-aggressive mobile adware) can take – Two-thirds of madware apps collect device information, such as its IMEI number or phone producer and model. Additionally, a third of madware apps display ads in the notification bar, which can annoy users.
  • Android malware continues to grow exponentially - Between June 2012 and June 2013, the number of known malware families increased by 69 percent, and known malware samples increased nearly four times.

And here goes the best practices:

  • Take inventory – You can’t protect or manage what you can’t see. You must take inventory of the devices in your organization to gain visibility across multiple networks and into the cloud. After taking stock, implement continuous security practices, such as scanning for current security software, operating system patches and hardware information, such as model and serial number.
  • Develop and enforce strong security policies for using mobile devices – In addition to encryption and security updates, it is important to enforce password management and application download policies for managers and employees. Maintaining strong passwords will help protect the data stored in the phone if a device is lost or hacked.
  • Focus on protecting information as opposed to focusing on the devices – Instead of solely focusing on the mobile devices themselves, IT departments should take a step back and look at where the organization’s information is being stored and should then protect those areas accordingly. Requirements around anti-malware, data loss prevention and authentication apply for data wherever it resides, mobile or otherwise.
  • Use a mobile device management solution – Today smartphones and tablets are being used the same way as laptops and PCs in which they are accessing email, using enterprise apps, and accessing corporate servers. As a result, the device and apps need to be managed through the entire device lifecycle from device provisioning to securing and monitoring to device retirement. A well-managed device is a secure device.

  • Use the “passcode lock” feature, and make sure it features a secure password – This may seem obvious, but 18 percent of smartphone users do not use the passcode lock feature. This is the most basic security precaution and requires minimal effort on the part of the user.
  • Use security software on your mobile device – Security software specifically designed for smartphones & tablets can stop hackers and prevent cybercriminals from stealing information or spying on users when using public networks. It can also eliminate annoying text and multimedia spam messages. It can detect and remove viruses and other mobile threats before they cause problems.
  • Avoid opening unexpected text messages from unknown senders – Just like emails, attackers can use text messages to spread malware, phishing scams and other threats among mobile device users. The same caution should be applied to opening unsolicited text messages that users have become accustomed to with email.
  • Click with caution – Just like on stationary PCs, social networking on mobile devices and laptops needs to be conducted with care and caution. Users shouldn’t open unidentified links, chat with unknown people or visit unfamiliar sites. It doesn’t take much for a user to be tricked into compromising a device and the information on it. All of the same best practices applied to social networking on PCs should be applied to network-connected mobile devices.
  • Check privacy settings regularly – To make sure account and information is as secure as possible, regularly check your privacy settings.