#ACAD-­‐CSIRT	
  
Mobile Security, Mobile
Malware & Countermeasure
IGN Mantra, Chairman
Email: mantra@acad-csirt.or.id, UR...
#ACAD-­‐CSIRT	
  
MOBILE TRENDS
#ACAD-­‐CSIRT	
  
Why the mobile phone BOOM
#ACAD-­‐CSIRT	
  
The complex picture of the mobile phone market
But mobile phone market share doesn’t tell the full story...
#ACAD-­‐CSIRT	
  
Smartphones reached 30% market share in 2011
483M units shipped worldwide
Smartphone shipments as a % of...
#ACAD-­‐CSIRT	
  
Smartphone sales vary greatly by region Q2 2011
are the majority of handset sales in North America (63%)...
#ACAD-­‐CSIRT	
  
Android became dominant smartphone OS
Samsung and HTC benefited the most from Android success (Q4 2011)
...
#ACAD-­‐CSIRT	
  
Android turned the tables on handset makers
Samsung and HTC benefited, Nokia, Motorola, Sony were challe...
#ACAD-­‐CSIRT	
  
MOBILE MALWARE
#ACAD-­‐CSIRT	
  
10 Malware Types 2013
source : boston.com
Droid
KungFu
Geinimi
Plankton Droid
Dream
Android.
Pjapps
Ikee...
#ACAD-­‐CSIRT	
  
Mobile Malware Statistic 2013
Source : Kaspersky Lab
#ACAD-­‐CSIRT	
  
Mobile Malware
Malware is software with
malicious purpose. It may be
designed to disable your phone,
rem...
#ACAD-­‐CSIRT	
  
The Growth
#ACAD-­‐CSIRT	
  
Malware Samples Library
Source : http://rogunix.com/docs/Android/Malware/
#ACAD-­‐CSIRT	
  
The Real Dangers of Mobile Malware
Bank account
password are
stolen.
Private information
is captured.
Ph...
#ACAD-­‐CSIRT	
  
How they get you
PHISING
A fake version of real site
gathers your log-in ad other
private informations
S...
#ACAD-­‐CSIRT	
  
PROTECT MOBILE DEVICE
#ACAD-­‐CSIRT	
  
Mobile Malware & Awareness
Of users say that they
are unaware of
security software for
smartphones
Of mo...
#ACAD-­‐CSIRT	
  
What should You Do and Don’t
DO
•  Make sure the OS and sowftware are
up to date at all times
•  Downloa...
#ACAD-­‐CSIRT	
  
References
•  A window into Mobile device security
–  http://www.symantec.com/content/en/us/about/media/...
#ACAD-­‐CSIRT	
  
TERIMA KASIH
IGN MANTRA
Email : incident@acad-csirt.or.id, info@acad-csirt.or.id
Upcoming SlideShare
Loading in...5
×

Mobile security mobile malware countermeasure academic csirt

603

Published on

Mobile security mobile malware countermeasure academic csirt

Published in: Education, Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
603
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
28
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Mobile security mobile malware countermeasure academic csirt

  1. 1. #ACAD-­‐CSIRT   Mobile Security, Mobile Malware & Countermeasure IGN Mantra, Chairman Email: mantra@acad-csirt.or.id, URL: acad-csirt.or.id Honeynet Seminar 2013
  2. 2. #ACAD-­‐CSIRT   MOBILE TRENDS
  3. 3. #ACAD-­‐CSIRT   Why the mobile phone BOOM
  4. 4. #ACAD-­‐CSIRT   The complex picture of the mobile phone market But mobile phone market share doesn’t tell the full story Source: VisionMobile
  5. 5. #ACAD-­‐CSIRT   Smartphones reached 30% market share in 2011 483M units shipped worldwide Smartphone shipments as a % of total handset shipments Source: VisionMobile
  6. 6. #ACAD-­‐CSIRT   Smartphone sales vary greatly by region Q2 2011 are the majority of handset sales in North America (63%) and Europe (51%) Market share Source: VisionMobile
  7. 7. #ACAD-­‐CSIRT   Android became dominant smartphone OS Samsung and HTC benefited the most from Android success (Q4 2011) Smartphone market share by OEM and platform (H2 2011) Source: VisionMobile
  8. 8. #ACAD-­‐CSIRT   Android turned the tables on handset makers Samsung and HTC benefited, Nokia, Motorola, Sony were challenged Beneficiaries: fast-moving challengers Efficient cost structure plus ability to differentiate in software, hardware or both low cost assemblers Cost structure optimised for razor-thin margins Android is a long-term opportunity for global reach Under pressure: old guard OEMs Cost structure requiring high-margins Commoditising effect of Android makes high- margins unattainable for OEM without own ecosystem or meaningful differentiation No Name source: VisionMobile
  9. 9. #ACAD-­‐CSIRT   MOBILE MALWARE
  10. 10. #ACAD-­‐CSIRT   10 Malware Types 2013 source : boston.com Droid KungFu Geinimi Plankton Droid Dream Android. Pjapps Ikee Zitmo Hong TouTou Timifonica SymbOS. Skull
  11. 11. #ACAD-­‐CSIRT   Mobile Malware Statistic 2013 Source : Kaspersky Lab
  12. 12. #ACAD-­‐CSIRT   Mobile Malware Malware is software with malicious purpose. It may be designed to disable your phone, remotely control your phone, or steal valueable your information. Mobile malware uses the same techniques as a PC malware to infect mobile devices. app pc
  13. 13. #ACAD-­‐CSIRT   The Growth
  14. 14. #ACAD-­‐CSIRT   Malware Samples Library Source : http://rogunix.com/docs/Android/Malware/
  15. 15. #ACAD-­‐CSIRT   The Real Dangers of Mobile Malware Bank account password are stolen. Private information is captured. Phone data is deleted. Device is “bricked” and need replacing The phone is forced to send the sms premium numbers. (sedot pulsa). Malware infected devices can be used by botnet owners to launch attacks on digital targets.
  16. 16. #ACAD-­‐CSIRT   How they get you PHISING A fake version of real site gathers your log-in ad other private informations SPYWARE Silently collects information from users and sends it to eavesdroppers EXPLOITING Some malware will exploit mobile platform vulnerabilities to gain control of the device WORM A program tha replicates itself spreading throughout a network MAN IN THE MIDDLE The attackers becomes a middle man in a communication stream and logs all information relayed between the communicating parties DIRECT ATTACK Comes from files or viruses sent right to your cell phone.
  17. 17. #ACAD-­‐CSIRT   PROTECT MOBILE DEVICE
  18. 18. #ACAD-­‐CSIRT   Mobile Malware & Awareness Of users say that they are unaware of security software for smartphones Of mobile users bank from a phone, yet most don’t have security measures in place 53% 24%
  19. 19. #ACAD-­‐CSIRT   What should You Do and Don’t DO •  Make sure the OS and sowftware are up to date at all times •  Download apps from reputable sites and closely review app permission requests. •  Make sure to check the feedback from other users before installing the program from an app store •  User strong password •  User personal firewall •  Turn off bluetooth and other connections when not in use •  Install a mobile security application. DON’T •  Download apps from third party app repositories •  Jailbreak your phone •  Leave your “wifi ad hoc mode on” •  Accessing banking or shopping sites over a public WIFI connection •  Leave your mobile device unattended in public places.
  20. 20. #ACAD-­‐CSIRT   References •  A window into Mobile device security –  http://www.symantec.com/content/en/us/about/media/pdfs/ symc_mobile_device_security_june2011.pdf •  http://www.continuitycentral.com/feature0919.html •  http://www.usatoday.com/tech/news/story/2012-03-22/ lost-phones/53707448/1] •  US-CERT Resource: Paul Ruggiero and Jon Foote, “Cyber Threats to Mobile Phones”, http://www.us- cert.gov/reading_room/ cyber_threats_to_mobile_phones.pdf) •  Top 10 android Security Riskshttp:// www.esecurityplanet.com/views/article.php/3928646/ Top-10-Android-Security-Risks.htm
  21. 21. #ACAD-­‐CSIRT   TERIMA KASIH IGN MANTRA Email : incident@acad-csirt.or.id, info@acad-csirt.or.id
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×