hacker attack. female silhouette symbolised cyber crime

Blue Coat: Porn Presents Greatest Threat for Malware Attacks

Blue Coat Systems, Inc. a market leader in today’s enterprise security announced an alarming hike in more malicious malware attacks. This includes from smaller scale, less disturbing attacks to serious personal ransomware (cyber blackmail) and undetectable inserts of spyware on devices with the intent to profile users’ buying behaviors.

“Mobile malware has worried people for many years once it became essential for users to acquire more than one device in order to meet their personal and business needs,” Kenneth Chen, Blue Coat Managing Director for ASEAN, Hong Kong and Taiwan said.

“As the usage of mobile devices grows steadily, cyber criminals take advantage of these mobile avenues to write more sophisticated malware to tap into collected data. Hence, enterprises must be prepared to manage these risks through the deployment of advanced, improvised protection based on realistic, strategic approach to the problem which extends to the perimeter of both mobile and cloud environment,” added Chen.

Porn Dominates Threat Market over WebAds

When Blue Coat recently compared the top categories of “infection vectors” from 2014 to 2015, it found that pornography was once again the number one threat vector, taking over from WebAds, which has dropped from almost 20 percent last year to less than five percent this year. The threats on porn sites include both malvertising attacks and sites that host Trojan horse apps.

“It certainly presents a problem whereby upon entering porn sites, users find that there is no easy way out once been exposed to malware attacks,” Chen expresses his concern over the increase in porn surfing activities from 16.55 percent in 2014 to over 36 percent this year. This potentially means that whenever we see a mobile user’s traffic heading to malicious sites, it is most likely 36 percent of the time that that user is following a link from a porn site.

The 2015 Blue Coat Mobile Malware Report highlights three types of malware users should be cautious of:

1. Potentially Unwanted Software (PUS)
This program typically behaves as “adware” or “spyware”, stalking on users’ online activity and personal data through deceptive advertising or socially-engineered attacks, designed to trick victim into installing these software, unwillingly or without their informed consent. Most junk mobile apps discovered on sites that host these software has been rising steadily which contributes a major shift in its volume within traditional malware and mobile space.

2. Ransomware
Thanks to the enhanced performance capabilities of smartphones, while some varieties only causes little damage beyond convincing victims to pay, “evil” ransomware resorts to more sophisticated approaches over the past years with the ability to render music files, photographs, videos and other document types unreadable. Such attack is characterized by SimpleLocker, an advanced cryptographic ransomware that allows cyber hostage-taker to demand untraceable form of payment (namely Bitcoin) within a strict time limit given before the files becomes permanently inaccessible to the owner.

3. Information Leakage
The most vital information of user such as phone’s operating system, manufacturer, specific apps or browsers visited can be stolen right under their noses when their mobile device is at 24/7 and 365-basis reporting and watch. Till today, no system tools can detect the incoming and outgoing data from their devices, however their leaky data will be openly revealed in the “User Agent” string, whether it’s an Android or iOS device.

Prepare Your Defenses against Malware Threats

To avoid these attacks, Blue Coat advocates the following tips and measures to strengthen corporate defenses:

• Invest in visibility solutions from trusted security vendors that extend to mobile devices.
• Create protected network such as Guest Wi-Fi with intelligent policies for employees and business guests to use instead of cellular data plans that bypasses corporate visibility.
• Avoid downloading apps from unofficial sources such as free/cracked versions of popular apps, surfing porn, jailbreak (by overriding inherent security of your phone), and pay close attention to any warnings received especially when connected to free unsecured Wi-Fi networks.
• Be wary of any suspicious activities indicated by your OS such as sudden installation of third party SSL certification on an Android which enables an unauthorized interception possible, especially in an environment where SSL interception takes place by policy.
• “Press and hold” technique on your phone to reveal the true destination of on-screen links, like shortened URLs or phishing URLs.

To download Blue Coat Mobile Malware report, please visit www.bluecoat.com/mobile-malware.

About Blue Coat Systems

Blue Coat is a leader in advanced enterprise security, protecting 15,000 organizations every day, including 88 of the 100 largest global companies. Through the Blue Coat Security Platform, Blue Coat unites network, security and cloud, providing customers with maximum protection against advanced threats, while minimizing impact on network performance and enabling cloud applications and services. Blue Coat was acquired by Bain Capital in March 2015. For additional information, please visit www.bluecoat.com.




There are no comments

Add yours