Lookout study: hackers target mobile attacks by region

Mobile security report finds cyber criminals adapt practices to maximize profits and minimize detection.

Mobile devices are prime targets for for cyber criminals, and a report by mobile security company Lookout reveals some surprising data about how they plot their attacks.

Lookout collected data from more than 50 million users between January and December of 2013. It analyzed the information and broke it down by region and type of attack to get a picture of mobile attack trends. The results are weighted to normalize the differences between life cycles of users in different regions.

What stood out is that attackers adapt attack behavior to target regions where the attack is more likely to maximize profit while minimizing potential detection.

For example, the overall rate of encountering malware on a mobile device was only 4 percent in the United States and Canada and only 3 percent in France, but jumps to 18 percent in Spain, 28 percent in China, and a massive 63 percent in Russia.

In North America, the bulk of mobile attacks fall into the adware category--threats that serve obtrusive or unsolicited ads on compromised devices. In other regions--especially in China and Russia--chargeware attacks are more prevalent. Chargeware attacks surreptitiously rack up significant fees on user accounts without clear notification or user consent.

Adware, and chargeware, and other mobile malware are obviously problems for individual users, but Lookout also points out a serious concern for businesses--particularly organizations that have embraced BYOD. "As BYOD becomes more common in the workplace, rather than attacking traditional, heavily monitored network services, we expect criminals to evolve once again and turn to mobile devices as an easier way to get into the enterprise and access valuable data," the report states.

Attackers are generally lazy--or at least very efficient. They go after the low hanging fruit. For example, the recent Target data breach was not a result of a direct attack on Target, or even Target employees. The attackers exploited a third-party contractor that works with Target and used that as a back door to compromise the Target network. Similarly, personal mobile devices with access to company data and network resources are a much easier to target than trying to attack an organization directly.

To protect yourself, you should make sure you only download apps from the designated app store for your mobile platform, or at least verify the integrity and credibility of any third-party app stores you might use. You should also be careful of random calls or text messages, and never press buttons or tap on links. It's basically the same mantra as the "don't open email file attachments from unknown sources," just extended to mobile devices.

Finally, you have to recognize the value of what's on your mobile device, and what it has access to. How many apps or services on your mobile device are able to expose sensitive information or have stored passwords that allow them to connect to confidential or personal data with a single tap? Use a passcode to lock your mobile device, and consider using some sort of security software to detect and block attacks just like you do on your traditional PC.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitymobile security

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tony Bradley

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place