Mobile security mobile malware countermeasure academic csirt

  • 443 views
Uploaded on

Mobile security mobile malware countermeasure academic csirt

Mobile security mobile malware countermeasure academic csirt

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
443
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
19
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. #ACAD-­‐CSIRT   Mobile Security, Mobile Malware & Countermeasure IGN Mantra, Chairman Email: mantra@acad-csirt.or.id, URL: acad-csirt.or.id Honeynet Seminar 2013
  • 2. #ACAD-­‐CSIRT   MOBILE TRENDS
  • 3. #ACAD-­‐CSIRT   Why the mobile phone BOOM
  • 4. #ACAD-­‐CSIRT   The complex picture of the mobile phone market But mobile phone market share doesn’t tell the full story Source: VisionMobile
  • 5. #ACAD-­‐CSIRT   Smartphones reached 30% market share in 2011 483M units shipped worldwide Smartphone shipments as a % of total handset shipments Source: VisionMobile
  • 6. #ACAD-­‐CSIRT   Smartphone sales vary greatly by region Q2 2011 are the majority of handset sales in North America (63%) and Europe (51%) Market share Source: VisionMobile
  • 7. #ACAD-­‐CSIRT   Android became dominant smartphone OS Samsung and HTC benefited the most from Android success (Q4 2011) Smartphone market share by OEM and platform (H2 2011) Source: VisionMobile
  • 8. #ACAD-­‐CSIRT   Android turned the tables on handset makers Samsung and HTC benefited, Nokia, Motorola, Sony were challenged Beneficiaries: fast-moving challengers Efficient cost structure plus ability to differentiate in software, hardware or both low cost assemblers Cost structure optimised for razor-thin margins Android is a long-term opportunity for global reach Under pressure: old guard OEMs Cost structure requiring high-margins Commoditising effect of Android makes high- margins unattainable for OEM without own ecosystem or meaningful differentiation No Name source: VisionMobile
  • 9. #ACAD-­‐CSIRT   MOBILE MALWARE
  • 10. #ACAD-­‐CSIRT   10 Malware Types 2013 source : boston.com Droid KungFu Geinimi Plankton Droid Dream Android. Pjapps Ikee Zitmo Hong TouTou Timifonica SymbOS. Skull
  • 11. #ACAD-­‐CSIRT   Mobile Malware Statistic 2013 Source : Kaspersky Lab
  • 12. #ACAD-­‐CSIRT   Mobile Malware Malware is software with malicious purpose. It may be designed to disable your phone, remotely control your phone, or steal valueable your information. Mobile malware uses the same techniques as a PC malware to infect mobile devices. app pc
  • 13. #ACAD-­‐CSIRT   The Growth
  • 14. #ACAD-­‐CSIRT   Malware Samples Library Source : http://rogunix.com/docs/Android/Malware/
  • 15. #ACAD-­‐CSIRT   The Real Dangers of Mobile Malware Bank account password are stolen. Private information is captured. Phone data is deleted. Device is “bricked” and need replacing The phone is forced to send the sms premium numbers. (sedot pulsa). Malware infected devices can be used by botnet owners to launch attacks on digital targets.
  • 16. #ACAD-­‐CSIRT   How they get you PHISING A fake version of real site gathers your log-in ad other private informations SPYWARE Silently collects information from users and sends it to eavesdroppers EXPLOITING Some malware will exploit mobile platform vulnerabilities to gain control of the device WORM A program tha replicates itself spreading throughout a network MAN IN THE MIDDLE The attackers becomes a middle man in a communication stream and logs all information relayed between the communicating parties DIRECT ATTACK Comes from files or viruses sent right to your cell phone.
  • 17. #ACAD-­‐CSIRT   PROTECT MOBILE DEVICE
  • 18. #ACAD-­‐CSIRT   Mobile Malware & Awareness Of users say that they are unaware of security software for smartphones Of mobile users bank from a phone, yet most don’t have security measures in place 53% 24%
  • 19. #ACAD-­‐CSIRT   What should You Do and Don’t DO •  Make sure the OS and sowftware are up to date at all times •  Download apps from reputable sites and closely review app permission requests. •  Make sure to check the feedback from other users before installing the program from an app store •  User strong password •  User personal firewall •  Turn off bluetooth and other connections when not in use •  Install a mobile security application. DON’T •  Download apps from third party app repositories •  Jailbreak your phone •  Leave your “wifi ad hoc mode on” •  Accessing banking or shopping sites over a public WIFI connection •  Leave your mobile device unattended in public places.
  • 20. #ACAD-­‐CSIRT   References •  A window into Mobile device security –  http://www.symantec.com/content/en/us/about/media/pdfs/ symc_mobile_device_security_june2011.pdf •  http://www.continuitycentral.com/feature0919.html •  http://www.usatoday.com/tech/news/story/2012-03-22/ lost-phones/53707448/1] •  US-CERT Resource: Paul Ruggiero and Jon Foote, “Cyber Threats to Mobile Phones”, http://www.us- cert.gov/reading_room/ cyber_threats_to_mobile_phones.pdf) •  Top 10 android Security Riskshttp:// www.esecurityplanet.com/views/article.php/3928646/ Top-10-Android-Security-Risks.htm
  • 21. #ACAD-­‐CSIRT   TERIMA KASIH IGN MANTRA Email : incident@acad-csirt.or.id, info@acad-csirt.or.id