Mobile security mobile malware countermeasure academic csirt

1,265 views

Published on

Mobile security mobile malware countermeasure academic csirt

Published in: Education, Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,265
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
39
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Mobile security mobile malware countermeasure academic csirt

  1. 1. #ACAD-­‐CSIRT   Mobile Security, Mobile Malware & Countermeasure IGN Mantra, Chairman Email: mantra@acad-csirt.or.id, URL: acad-csirt.or.id Honeynet Seminar 2013
  2. 2. #ACAD-­‐CSIRT   MOBILE TRENDS
  3. 3. #ACAD-­‐CSIRT   Why the mobile phone BOOM
  4. 4. #ACAD-­‐CSIRT   The complex picture of the mobile phone market But mobile phone market share doesn’t tell the full story Source: VisionMobile
  5. 5. #ACAD-­‐CSIRT   Smartphones reached 30% market share in 2011 483M units shipped worldwide Smartphone shipments as a % of total handset shipments Source: VisionMobile
  6. 6. #ACAD-­‐CSIRT   Smartphone sales vary greatly by region Q2 2011 are the majority of handset sales in North America (63%) and Europe (51%) Market share Source: VisionMobile
  7. 7. #ACAD-­‐CSIRT   Android became dominant smartphone OS Samsung and HTC benefited the most from Android success (Q4 2011) Smartphone market share by OEM and platform (H2 2011) Source: VisionMobile
  8. 8. #ACAD-­‐CSIRT   Android turned the tables on handset makers Samsung and HTC benefited, Nokia, Motorola, Sony were challenged Beneficiaries: fast-moving challengers Efficient cost structure plus ability to differentiate in software, hardware or both low cost assemblers Cost structure optimised for razor-thin margins Android is a long-term opportunity for global reach Under pressure: old guard OEMs Cost structure requiring high-margins Commoditising effect of Android makes high- margins unattainable for OEM without own ecosystem or meaningful differentiation No Name source: VisionMobile
  9. 9. #ACAD-­‐CSIRT   MOBILE MALWARE
  10. 10. #ACAD-­‐CSIRT   10 Malware Types 2013 source : boston.com Droid KungFu Geinimi Plankton Droid Dream Android. Pjapps Ikee Zitmo Hong TouTou Timifonica SymbOS. Skull
  11. 11. #ACAD-­‐CSIRT   Mobile Malware Statistic 2013 Source : Kaspersky Lab
  12. 12. #ACAD-­‐CSIRT   Mobile Malware Malware is software with malicious purpose. It may be designed to disable your phone, remotely control your phone, or steal valueable your information. Mobile malware uses the same techniques as a PC malware to infect mobile devices. app pc
  13. 13. #ACAD-­‐CSIRT   The Growth
  14. 14. #ACAD-­‐CSIRT   Malware Samples Library Source : http://rogunix.com/docs/Android/Malware/
  15. 15. #ACAD-­‐CSIRT   The Real Dangers of Mobile Malware Bank account password are stolen. Private information is captured. Phone data is deleted. Device is “bricked” and need replacing The phone is forced to send the sms premium numbers. (sedot pulsa). Malware infected devices can be used by botnet owners to launch attacks on digital targets.
  16. 16. #ACAD-­‐CSIRT   How they get you PHISING A fake version of real site gathers your log-in ad other private informations SPYWARE Silently collects information from users and sends it to eavesdroppers EXPLOITING Some malware will exploit mobile platform vulnerabilities to gain control of the device WORM A program tha replicates itself spreading throughout a network MAN IN THE MIDDLE The attackers becomes a middle man in a communication stream and logs all information relayed between the communicating parties DIRECT ATTACK Comes from files or viruses sent right to your cell phone.
  17. 17. #ACAD-­‐CSIRT   PROTECT MOBILE DEVICE
  18. 18. #ACAD-­‐CSIRT   Mobile Malware & Awareness Of users say that they are unaware of security software for smartphones Of mobile users bank from a phone, yet most don’t have security measures in place 53% 24%
  19. 19. #ACAD-­‐CSIRT   What should You Do and Don’t DO •  Make sure the OS and sowftware are up to date at all times •  Download apps from reputable sites and closely review app permission requests. •  Make sure to check the feedback from other users before installing the program from an app store •  User strong password •  User personal firewall •  Turn off bluetooth and other connections when not in use •  Install a mobile security application. DON’T •  Download apps from third party app repositories •  Jailbreak your phone •  Leave your “wifi ad hoc mode on” •  Accessing banking or shopping sites over a public WIFI connection •  Leave your mobile device unattended in public places.
  20. 20. #ACAD-­‐CSIRT   References •  A window into Mobile device security –  http://www.symantec.com/content/en/us/about/media/pdfs/ symc_mobile_device_security_june2011.pdf •  http://www.continuitycentral.com/feature0919.html •  http://www.usatoday.com/tech/news/story/2012-03-22/ lost-phones/53707448/1] •  US-CERT Resource: Paul Ruggiero and Jon Foote, “Cyber Threats to Mobile Phones”, http://www.us- cert.gov/reading_room/ cyber_threats_to_mobile_phones.pdf) •  Top 10 android Security Riskshttp:// www.esecurityplanet.com/views/article.php/3928646/ Top-10-Android-Security-Risks.htm
  21. 21. #ACAD-­‐CSIRT   TERIMA KASIH IGN MANTRA Email : incident@acad-csirt.or.id, info@acad-csirt.or.id

×