Popular mobile platforms at greater risk of cyber crime
Devices running on the two most dominant mobile platforms in the market – Android and iOS – are increasingly at risk, according to FireEye, a United States-based IT security company, which in a recent report revealed that it had found a 500 percent increase in the number of Android apps designed to steal financial data, writes M. Iqbal.
FireEye also found more than 1400 iOS apps publicly available on the Internet that introduce variants of security issues. The company’s report identifies a new delivery channel for iOS malware that bypasses the Apple App Store review process. Attackers can take advantage of ‘enterprise/ad-hoc provisioning’ to deliver malicious apps to end users.
Enterprise/ad-hoc provisioning allows organisations to deliver in-house apps directly to their employees’ iOS devices, thus bypassing Apple’s security.
The report, Out of Pocket: A Comprehensive Mobile Threat Assessment of 7 Million iOS and Android Apps, is based on an analysis of seven million mobile apps on both platforms between January and October 2014. Researchers reviewed popular apps with more than 50,000 downloads to assess their exposure to a common vulnerability, and found that 31 percent of them were exposed to it. Of those, 18 percent were in categories with potentially sensitive data, including finance, medical, communication, shopping, health and productivity.
“Today, mobile apps represent a significant threat vector for enterprises,” said Manish Gupta at FireEye. “Worse, most enterprises have little or no information on mobile security risks nor any way to deal with an advanced attack on a mobile device.”
The 2014 Global Economic Crime Survey by PricewaterhouseCoopers identified cyber crime as the second most common form of economic crime reported in the Middle East, behind asset misappropriation.
This growing sophistication and proficiency of cyber-attacks is prompting governments and organisations in the region to invest in more secure IT infrastructure to protect against cybercrimes. The Market Forecasts and Analysis Report (2014-2019) by MarketsandMarkets forecasts that the region’s cyber security market will grow by 84 percent from USD5.17 billion (QAR24 billion) in 2014 to USD9.56 billion (QAR34.7 billion) in 2019.
Nader Henein at BlackBerry Advanced Security Solutions’ Advisory Division said, “Qatar has been at the vanguard of cyber defence in the region for the past few years now, thanks chiefly to ictQatar, which combines multiple functions and overarching responsibilities that would normally sit with a half dozen departments in most other governments. As such ictQatar is able to monitor, act, instruct and discriminate guidance swiftly and efficiently which has kept the country as a whole safe.”
Last month, Qatar’s State Cabinet strengthened the country’s position against cyber threats by approving the formation of two new bodies to monitor online threats. The National Center for Cyber Security will be set up under the Ministry of Interior and will monitor and follow up on cyber threats to government entities. The second body, National Committee for Information Security, would carry out the National Cyber Security Strategy.