#ACAD-‐CSIRT The complex picture of the mobile phone marketBut mobile phone market share doesn’t tell the full storySource: VisionMobile
#ACAD-‐CSIRT Smartphones reached 30% market share in 2011483M units shipped worldwideSmartphone shipments as a % of total handset shipmentsSource: VisionMobile
#ACAD-‐CSIRT Smartphone sales vary greatly by region Q2 2011are the majority of handset sales in North America (63%) and Europe (51%)Market shareSource: VisionMobile
#ACAD-‐CSIRT Android became dominant smartphone OSSamsung and HTC benefited the most from Android success (Q4 2011)Smartphone market share by OEM and platform (H2 2011)Source: VisionMobile
#ACAD-‐CSIRT Android turned the tables on handset makersSamsung and HTC benefited, Nokia, Motorola, Sony were challengedBeneficiaries:fast-moving challengersEfficient cost structure plus ability to differentiatein software, hardware or bothlow cost assemblersCost structure optimised for razor-thin marginsAndroid is a long-term opportunity for global reachUnder pressure:old guard OEMsCost structure requiring high-marginsCommoditising effect of Android makes high-margins unattainable for OEM without ownecosystem or meaningful differentiationNo Name source: VisionMobile
#ACAD-‐CSIRT Mobile Malware Statistic 2013Source : Kaspersky Lab
#ACAD-‐CSIRT Mobile MalwareMalware is software withmalicious purpose. It may bedesigned to disable your phone,remotely control your phone, orsteal valueable your information.Mobile malware uses the sametechniques as a PC malware toinfect mobile devices.apppc
#ACAD-‐CSIRT The Real Dangers of Mobile MalwareBank accountpassword arestolen.Private informationis captured.Phone data isdeleted.Device is “bricked”and need replacingThe phone isforced to send thesms premiumnumbers. (sedotpulsa).Malware infecteddevices can be usedby botnet owners tolaunch attacks ondigital targets.
#ACAD-‐CSIRT How they get youPHISINGA fake version of real sitegathers your log-in ad otherprivate informationsSPYWARESilently collects informationfrom users and sends it toeavesdroppersEXPLOITINGSome malware will exploitmobile platform vulnerabilities togain control of the deviceWORMA program tha replicates itselfspreading throughout a networkMAN IN THE MIDDLEThe attackers becomes amiddle man in a communicationstream and logs all informationrelayed between thecommunicating partiesDIRECT ATTACKComes from files or viruses sentright to your cell phone.
#ACAD-‐CSIRT Mobile Malware & AwarenessOf users say that theyare unaware ofsecurity software forsmartphonesOf mobile users bankfrom a phone, yet mostdon’t have securitymeasures in place53%24%
#ACAD-‐CSIRT What should You Do and Don’tDO• Make sure the OS and sowftware areup to date at all times• Download apps from reputable sitesand closely review app permissionrequests.• Make sure to check the feedbackfrom other users before installing theprogram from an app store• User strong password• User personal firewall• Turn off bluetooth and otherconnections when not in use• Install a mobile security application.DON’T• Download apps from thirdparty app repositories• Jailbreak your phone• Leave your “wifi ad hocmode on”• Accessing banking orshopping sites over a publicWIFI connection• Leave your mobile deviceunattended in public places.
#ACAD-‐CSIRT References• A window into Mobile device security– http://www.symantec.com/content/en/us/about/media/pdfs/symc_mobile_device_security_june2011.pdf• http://www.continuitycentral.com/feature0919.html• http://www.usatoday.com/tech/news/story/2012-03-22/lost-phones/53707448/1]• US-CERT Resource: Paul Ruggiero and Jon Foote,“Cyber Threats to Mobile Phones”, http://www.us-cert.gov/reading_room/cyber_threats_to_mobile_phones.pdf)• Top 10 android Security Riskshttp://www.esecurityplanet.com/views/article.php/3928646/Top-10-Android-Security-Risks.htm