In the third quarter, Trend Micro found 175,000 different malicious and suspicious packages specifically targeting the Android system. This is a five-fold increase over the previous quarter, and it should cause enterprise security managers to sit up and pay attention. The threat is not as serious in the U.S. as it is in countries like Russia and China that use smartphones to pay for services. At this point, there is a massive increase in malware but a low rate of infection, due partly to the difficulty attackers have in making money from compromised smartphones and tablets. Premium SMS messages are not a popular way to pay for services in the U.S.
One survey found that the average mobile employee packs around three or more devices. At this time, the highest priority for the enterprise is still the data on the devices, such as contact lists. If the device is lost or stolen, so is the data. Enterprises also need to plan for the point, likely within the next year, when malware will succeed. Mobile devices are carried in and out of many networks as employees travel through their day. Juniper Networks has developed software to help companies manage and secure their employees' smartphones. Each year, it finds that 2 to 3 percent of a client company's smartphones are infected with malware, usually in the form of spyware.
Expected types of malware would be scareware attempts that convince a victim to pay a fee to clean off their phone, bot-like programs that would turn the phone into a text message spammer, and bank trojans that attempt to steal login credentials to transfer funds.
As a security manager, you should definitely have the future of mobile device malware in your line of sight as you plan the future of risk management for your company.
http://www.darkreading.com/advanced-threats/167901091/security/perimeter-security/240062687/companies-need-defenses-against-mobile-malware.html?cid=nl_DR_daily_2012-11-09_html&elq=4b4d20895e5c47ee858179f82fb72f95
Monday, November 12, 2012
Friday, November 2, 2012
Hack Back...Legally
David Willson, an attorney from Titan Info Security Group, understands the frustration of spending $50,000 to $100,000 per week to battle a persistent threat. Nothing works, law enforcement is overwhelmed with too many cases, and traditional approaches are failing. He believes the answer could be to hack back, but he cautions that this should never be the first line of defense. In the case of a persistent attack, it may be the only option. He says the key is to stay within criminal law while you take your chances with civil law.
Security is poor on the corporate side, but it is also poor on the hacker side. An organization could place code on a bot that has infected their system. This code could eventually get back to the attacker's command-and-control server to block their communications route. This code could be viewed by courts as similar to cookies or adware and these are not illegal.
Honeypots are also an option. They are a legal way for a company to collect information on its attackers and their trail.
US companies are governed by the federal Computer Fraud and Abuse Act, which states that any unauthorized access of another company's computers can be considered a crime. Many states also have computer trespass laws, and other countries have laws that can cause serious legal trouble.
My thoughts on this are frustration. I liken this to the homeowner's dilemma in protecting their property. If someone comes to my house, jimmies the lock, comes in with a weapon, and I shoot them, I have to defend myself. In my humble opinion, the minute someone comes into my house unexpected and uninvited, especially armed, they deserve whatever I can dish out. They have NO business being here. I feel the same about my computer. I feel if hackers are getting into your system, you have documented it, and you have tried regular methods to eradicate their presence that have failed, then I think you should be able to "have at them." If they are in your business without cause and making problems, I believe if you can get back to them and mess up their systems, you should be able to do it. They invited the trouble. If they were not there, they would not bring trouble on themselves.
I understand there are fine lines and they are there for reasons. But I get so frustrated when they seem to protect the bad guys more than the good guys.
http://www.darkreading.com/risk-management/167901115/security/security-management/240012675/companies-should-think-about-hacking-back-legally-attorney-says.html?cid=nl_DR_weekly_2012-11-01_html&elq=1a2a5e29b1f64afbb23aed6fd2323f2f