Cyberspies Ratchet Up Attacks on Mobile Devices
The use of mobile devices is growing by leaps and bounds. So too are the number and complexity of cyber-attacks on them, a network security expert said.
“The growth is one thing, but the jumps in sophistication is what I find surprising,” said Dave Marcus, director of advanced research and threat intelligence for McAfee Labs. “When you look at malware in the PC world, it took years for certain functionalities to develop,” he said. The criminals and spies are now measuring progress on how to exploit mobile devices in terms of weeks and months. “They have clearly learned a lot.”
And it is a target-rich environment as more companies are allowing employees to use their own devices for doing work, essentially allowing them to become portals into their networks.
Few organizations are putting security policies and technologies in place on these devices. It is a “wide-open field” for the hackers, Marcus said. Tablets and phones are “ripe for compromise, as they say.”
Most consumers will go to an app store and click on almost anything. There is little regard for who the developer is and whether these programs are safe, he added.
“It is very much a free for all there.” Companies have to get policies in place to manage these personal devices to prevent infiltrations. “Otherwise, you’re going to be hemorrhaging data.”
“There is a huge opportunity out there for the bad guys … There is just as much juicy data on a mobile device as there is on any other device,” he said.
Meanwhile, hackers are heavily targeting energy companies of late, he said. They seem to be going after business intelligence that may give competitors an edge as well as intellectual property.
“Where they are thinking of drilling or the type of technology they are going to employ has a lot of commercial benefit,” he said.
As far as defense firms, the hacking networks have not let up trying to infiltrate their computers, but Marcus believes they are having less success. There has been more awareness in the industry of the problem, and firms are taking measures.
“The awareness is a very good thing because it is leading people to understand the scope of the problem,” he said.
Photo Credit: iStockphoto
Topics: Cyber, Cybersecurity