According to a new report, Ransomware is now ranked the number one mobile malware threat. Security experts from Tripwire have the following comments on it.
[su_note note_color=”#ffffcc” text_color=”#00000″]Ken Westin, Senior Security Analyst at Tripwire :
“It is important with these types of reports to look at the metrics and actual infection rates being used to define the problem. Mobile Ransomware is not coming from applications downloaded from the Google Play or iOS app stores, but occurs when users download apps directly from websites, or untrusted third-party app stores.
“The challenge for security leaders is that no matter how much you train your staff about security, there always seems to be that one employee who downloads a porn app directly from an untrusted third-party website to their phone. To our horror, those individuals are then connecting their devices to the corporate Wi-Fi, accessing corporate email and documents from that same infected phone. It is important to not only have clear security policies established, but also have the technical controls in place to detect and mitigate when there is a policy break or threat that touches your network.
“The real threat as outlined in the report is overzealous marketing components in applications that are siphoning off information that they should not be from devices such as unique identifiers, location data, contact information. These marketers are continuously trying to find ways to circumvent phone permissions and sandboxes to harvest data from devices that can be sold in bulk, or leveraged themselves to sell products.”[/su_note]
[su_note note_color=”#ffffcc” text_color=”#00000″]Travis Smith, Senior Security Research Engineer at Tripwire :
“As humans, we have an emotional connection to the data that we create. The power of ransomware has been exploiting the emotional connection people have with their data. The cost of paying the ransom is often less than the emotional cost of losing irreplaceable pictures, emails, and other important documents.
“In the consumer market, usage of mobile devices continues to surpass PC usage. Attackers historically focus the majority of their efforts on where the users are. Based on the continued success of ransomware on PC environments, it’s only a matter of time until attackers focus their attacks against mobile devices.”[/su_note]
[su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.