SlideShare a Scribd company logo

I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure

Indonesia Honeynet Chapter
Indonesia Honeynet Chapter

The document discusses mobile trends, the rise of smartphones, and mobile malware threats. It notes that smartphones reached 30% of the global mobile market in 2011. It also discusses the rise of Android as the dominant smartphone OS and how this benefited companies like Samsung and HTC. The document outlines several types of mobile malware and statistics on mobile malware infections. It details how mobile malware can steal private information or control devices. Finally, it provides tips on securing mobile devices and awareness of mobile security issues.

Technology
1 of 21
Download to read offline
#ACAD-­‐CSIRT   Mobile Security, Mobile Malware & Countermeasure IGN Mantra, Chairman Email: mantra@acad-csirt.or.id, URL: acad-csirt.or.id Honeynet Seminar 2013
#ACAD-­‐CSIRT   MOBILE TRENDS
#ACAD-­‐CSIRT   Why the mobile phone BOOM
#ACAD-­‐CSIRT   The complex picture of the mobile phone market But mobile phone market share doesn’t tell the full story Source: VisionMobile
#ACAD-­‐CSIRT   Smartphones reached 30% market share in 2011 483M units shipped worldwide Smartphone shipments as a % of total handset shipments Source: VisionMobile
#ACAD-­‐CSIRT   Smartphone sales vary greatly by region Q2 2011 are the majority of handset sales in North America (63%) and Europe (51%) Market share Source: VisionMobile
#ACAD-­‐CSIRT   Android became dominant smartphone OS Samsung and HTC benefited the most from Android success (Q4 2011) Smartphone market share by OEM and platform (H2 2011) Source: VisionMobile
#ACAD-­‐CSIRT   Android turned the tables on handset makers Samsung and HTC benefited, Nokia, Motorola, Sony were challenged Beneficiaries: fast-moving challengers Efficient cost structure plus ability to differentiate in software, hardware or both low cost assemblers Cost structure optimised for razor-thin margins Android is a long-term opportunity for global reach Under pressure: old guard OEMs Cost structure requiring high-margins Commoditising effect of Android makes high- margins unattainable for OEM without own ecosystem or meaningful differentiation No Name source: VisionMobile
#ACAD-­‐CSIRT   MOBILE MALWARE
#ACAD-­‐CSIRT   10 Malware Types 2013 source : boston.com Droid KungFu Geinimi Plankton Droid Dream Android. Pjapps Ikee Zitmo Hong TouTou Timifonica SymbOS. Skull
#ACAD-­‐CSIRT   Mobile Malware Statistic 2013 Source : Kaspersky Lab
#ACAD-­‐CSIRT   Mobile Malware Malware is software with malicious purpose. It may be designed to disable your phone, remotely control your phone, or steal valueable your information. Mobile malware uses the same techniques as a PC malware to infect mobile devices. app pc
#ACAD-­‐CSIRT   The Growth
#ACAD-­‐CSIRT   Malware Samples Library Source : http://rogunix.com/docs/Android/Malware/
#ACAD-­‐CSIRT   The Real Dangers of Mobile Malware Bank account password are stolen. Private information is captured. Phone data is deleted. Device is “bricked” and need replacing The phone is forced to send the sms premium numbers. (sedot pulsa). Malware infected devices can be used by botnet owners to launch attacks on digital targets.
#ACAD-­‐CSIRT   How they get you PHISING A fake version of real site gathers your log-in ad other private informations SPYWARE Silently collects information from users and sends it to eavesdroppers EXPLOITING Some malware will exploit mobile platform vulnerabilities to gain control of the device WORM A program tha replicates itself spreading throughout a network MAN IN THE MIDDLE The attackers becomes a middle man in a communication stream and logs all information relayed between the communicating parties DIRECT ATTACK Comes from files or viruses sent right to your cell phone.
#ACAD-­‐CSIRT   PROTECT MOBILE DEVICE
#ACAD-­‐CSIRT   Mobile Malware & Awareness Of users say that they are unaware of security software for smartphones Of mobile users bank from a phone, yet most don’t have security measures in place 53% 24%
#ACAD-­‐CSIRT   What should You Do and Don’t DO •  Make sure the OS and sowftware are up to date at all times •  Download apps from reputable sites and closely review app permission requests. •  Make sure to check the feedback from other users before installing the program from an app store •  User strong password •  User personal firewall •  Turn off bluetooth and other connections when not in use •  Install a mobile security application. DON’T •  Download apps from third party app repositories •  Jailbreak your phone •  Leave your “wifi ad hoc mode on” •  Accessing banking or shopping sites over a public WIFI connection •  Leave your mobile device unattended in public places.
#ACAD-­‐CSIRT   References •  A window into Mobile device security –  http://www.symantec.com/content/en/us/about/media/pdfs/ symc_mobile_device_security_june2011.pdf •  http://www.continuitycentral.com/feature0919.html •  http://www.usatoday.com/tech/news/story/2012-03-22/ lost-phones/53707448/1] •  US-CERT Resource: Paul Ruggiero and Jon Foote, “Cyber Threats to Mobile Phones”, http://www.us- cert.gov/reading_room/ cyber_threats_to_mobile_phones.pdf) •  Top 10 android Security Riskshttp:// www.esecurityplanet.com/views/article.php/3928646/ Top-10-Android-Security-Risks.htm
#ACAD-­‐CSIRT   TERIMA KASIH IGN MANTRA Email : incident@acad-csirt.or.id, info@acad-csirt.or.id

Recommended

Tips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android DevicesTips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android Devices
Quick Heal Technologies Ltd.
 
Mobile changes everything, no one is safe
Mobile changes everything, no one is safeMobile changes everything, no one is safe
Mobile changes everything, no one is safe
Jorge Sebastiao
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devicesjraja01
 
cell phone viruses and security
cell phone viruses and securitycell phone viruses and security
cell phone viruses and securityPRIYANKA944
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device security
CAS
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101
Lookout
 
The New NotCompatible
The New NotCompatibleThe New NotCompatible
The New NotCompatible
Lookout
 
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
viaForensics
 

Recommended

Tips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android DevicesTips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android Devices
Quick Heal Technologies Ltd.
 
Mobile changes everything, no one is safe
Mobile changes everything, no one is safeMobile changes everything, no one is safe
Mobile changes everything, no one is safe
Jorge Sebastiao
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devicesjraja01
 
cell phone viruses and security
cell phone viruses and securitycell phone viruses and security
cell phone viruses and securityPRIYANKA944
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device security
CAS
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101
Lookout
 
The New NotCompatible
The New NotCompatibleThe New NotCompatible
The New NotCompatible
Lookout
 
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
viaForensics
 
Cell Phone Viruses & Security
Cell Phone Viruses & SecurityCell Phone Viruses & Security
Cell Phone Viruses & Security
guestc03f28
 
BETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSBETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSPurna Bhat
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityKevin Lee
 
Mobile security
Mobile securityMobile security
Mobile securityhome
 
Mobile security - Intense overview
Mobile security - Intense overviewMobile security - Intense overview
Mobile security - Intense overviewPrivateWave Italia SpA
 
cellphone virus and security
cellphone virus and securitycellphone virus and security
cellphone virus and securityAkhil Kumar
 
Samsung KNOX for Dummies
Samsung KNOX for DummiesSamsung KNOX for Dummies
Samsung KNOX for Dummies
Samsung Business USA
 
T.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirtyT.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirty
Adam Radly
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for Smartphone
Editor IJMTER
 
CS Mobile - Lyckad Mobilstrategi
CS Mobile - Lyckad MobilstrategiCS Mobile - Lyckad Mobilstrategi
CS Mobile - Lyckad Mobilstrategi
IBM Sverige
 
Techvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutionsTechvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutions
Saad Ahmad
 
Communication gadgets and technology
Communication gadgets and technologyCommunication gadgets and technology
Communication gadgets and technology
Welingkar Institute Of Management
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2
Santosh Satam
 
Mobilecomputings07
Mobilecomputings07Mobilecomputings07
Mobilecomputings07Mayank Vora
 
Wearables show march 2015
Wearables show march 2015Wearables show march 2015
Wearables show march 2015
Satya Harish
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and Tablets
Vince Verbeke
 
You can wear it!
You can wear it!You can wear it!
You can wear it!
Proofpoint
 
Surfing Safe on the Road
Surfing Safe on the RoadSurfing Safe on the Road
Surfing Safe on the RoadF-Secure Corporation
 
Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest Version
Subho Halder
 
C3i Group Cyber Law
C3i Group Cyber LawC3i Group Cyber Law
C3i Group Cyber Law
Centre for Strategic Cyberspace + Security Science
 
Cisco Prime Security Manager
Cisco Prime Security ManagerCisco Prime Security Manager
Cisco Prime Security ManagerCisco Russia
 
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...Phil Agcaoili
 

More Related Content

What's hot

Cell Phone Viruses & Security
Cell Phone Viruses & SecurityCell Phone Viruses & Security
Cell Phone Viruses & Security
guestc03f28
 
BETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSBETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSPurna Bhat
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityKevin Lee
 
Mobile security
Mobile securityMobile security
Mobile securityhome
 
cellphone virus and security
cellphone virus and securitycellphone virus and security
cellphone virus and securityAkhil Kumar
 
Samsung KNOX for Dummies
Samsung KNOX for DummiesSamsung KNOX for Dummies
Samsung KNOX for Dummies
Samsung Business USA
 
T.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirtyT.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirty
Adam Radly
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for Smartphone
Editor IJMTER
 
CS Mobile - Lyckad Mobilstrategi
CS Mobile - Lyckad MobilstrategiCS Mobile - Lyckad Mobilstrategi
CS Mobile - Lyckad Mobilstrategi
IBM Sverige
 
Techvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutionsTechvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutions
Saad Ahmad
 
Communication gadgets and technology
Communication gadgets and technologyCommunication gadgets and technology
Communication gadgets and technology
Welingkar Institute Of Management
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2
Santosh Satam
 
Mobilecomputings07
Mobilecomputings07Mobilecomputings07
Mobilecomputings07Mayank Vora
 
Wearables show march 2015
Wearables show march 2015Wearables show march 2015
Wearables show march 2015
Satya Harish
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and Tablets
Vince Verbeke
 
You can wear it!
You can wear it!You can wear it!
You can wear it!
Proofpoint
 
Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest Version
Subho Halder
 

What's hot (19)

Cell Phone Viruses & Security
Cell Phone Viruses & SecurityCell Phone Viruses & Security
Cell Phone Viruses & Security
 
BETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSBETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoS
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
 
Mobile security
Mobile securityMobile security
Mobile security
 
Mobile security - Intense overview
Mobile security - Intense overviewMobile security - Intense overview
Mobile security - Intense overview
 
cellphone virus and security
cellphone virus and securitycellphone virus and security
cellphone virus and security
 
Samsung KNOX for Dummies
Samsung KNOX for DummiesSamsung KNOX for Dummies
Samsung KNOX for Dummies
 
T.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirtyT.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirty
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for Smartphone
 
CS Mobile - Lyckad Mobilstrategi
CS Mobile - Lyckad MobilstrategiCS Mobile - Lyckad Mobilstrategi
CS Mobile - Lyckad Mobilstrategi
 
Techvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutionsTechvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutions
 
Communication gadgets and technology
Communication gadgets and technologyCommunication gadgets and technology
Communication gadgets and technology
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2
 
Mobilecomputings07
Mobilecomputings07Mobilecomputings07
Mobilecomputings07
 
Wearables show march 2015
Wearables show march 2015Wearables show march 2015
Wearables show march 2015
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and Tablets
 
You can wear it!
You can wear it!You can wear it!
You can wear it!
 
Surfing Safe on the Road
Surfing Safe on the RoadSurfing Safe on the Road
Surfing Safe on the Road
 
Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest Version
 

Viewers also liked

C3i Group Cyber Law
C3i Group Cyber LawC3i Group Cyber Law
C3i Group Cyber Law
Centre for Strategic Cyberspace + Security Science
 
Cisco Prime Security Manager
Cisco Prime Security ManagerCisco Prime Security Manager
Cisco Prime Security ManagerCisco Russia
 
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...Phil Agcaoili
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Cyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewCyber security: challenges for society- literature review
Cyber security: challenges for society- literature review
IOSR Journals
 
Analysts Probe Future of Client Architectures as HTML 5 and Client Virtualiza...
Analysts Probe Future of Client Architectures as HTML 5 and Client Virtualiza...Analysts Probe Future of Client Architectures as HTML 5 and Client Virtualiza...
Analysts Probe Future of Client Architectures as HTML 5 and Client Virtualiza...
Dana Gardner
 
Be The Excuse?
Be The Excuse?Be The Excuse?
Be The Excuse?
MRS. CYNTH'YA REED
 
Hogan Kusnadi - Cloud Computing Secutity
Hogan Kusnadi - Cloud Computing SecutityHogan Kusnadi - Cloud Computing Secutity
Hogan Kusnadi - Cloud Computing Secutity
Indonesia Honeynet Chapter
 
Our Journey <3
Our Journey <3Our Journey <3
Our Journey <3Denn Den
 
Iwan Sumantri - Cyber Threat Indonesia 2013
Iwan Sumantri - Cyber Threat Indonesia 2013Iwan Sumantri - Cyber Threat Indonesia 2013
Iwan Sumantri - Cyber Threat Indonesia 2013
Indonesia Honeynet Chapter
 
Urbanismo janela-otero-deber
Urbanismo janela-otero-deberUrbanismo janela-otero-deber
Urbanismo janela-otero-deber
Enrique Hernandez
 
Ahmad Alkazimy - Indonesia Malware Incident Updates
Ahmad Alkazimy - Indonesia Malware Incident UpdatesAhmad Alkazimy - Indonesia Malware Incident Updates
Ahmad Alkazimy - Indonesia Malware Incident Updates
Indonesia Honeynet Chapter
 
Cents-ible Cyber Monday
Cents-ible Cyber MondayCents-ible Cyber Monday
Cents-ible Cyber Monday
MRS. CYNTH'YA REED
 
Giving back with GitHub - Putting the Open Source back in iOS
Giving back with GitHub - Putting the Open Source back in iOSGiving back with GitHub - Putting the Open Source back in iOS
Giving back with GitHub - Putting the Open Source back in iOS
Madhava Jay
 
Osorio antonhy 3 b
Osorio antonhy 3 bOsorio antonhy 3 b
Osorio antonhy 3 b
Enrique Hernandez
 
Karunia Wijaya - Proactive Incident Handling
Karunia Wijaya - Proactive Incident HandlingKarunia Wijaya - Proactive Incident Handling
Karunia Wijaya - Proactive Incident Handling
Indonesia Honeynet Chapter
 
Lukas - Ancaman E-Health Security
Lukas - Ancaman E-Health SecurityLukas - Ancaman E-Health Security
Lukas - Ancaman E-Health Security
Indonesia Honeynet Chapter
 
Gildas Deograt - Effective Honeynet in High Grade Security Strategy
Gildas Deograt - Effective Honeynet in High Grade Security StrategyGildas Deograt - Effective Honeynet in High Grade Security Strategy
Gildas Deograt - Effective Honeynet in High Grade Security Strategy
Indonesia Honeynet Chapter
 
Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter
Indonesia Honeynet Chapter
 

Viewers also liked (20)

C3i Group Cyber Law
C3i Group Cyber LawC3i Group Cyber Law
C3i Group Cyber Law
 
Cisco Prime Security Manager
Cisco Prime Security ManagerCisco Prime Security Manager
Cisco Prime Security Manager
 
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...
 
Geopolitics HLS Article
Geopolitics HLS ArticleGeopolitics HLS Article
Geopolitics HLS Article
 
Cloud security
Cloud securityCloud security
Cloud security
 
Cyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewCyber security: challenges for society- literature review
Cyber security: challenges for society- literature review
 
Analysts Probe Future of Client Architectures as HTML 5 and Client Virtualiza...
Analysts Probe Future of Client Architectures as HTML 5 and Client Virtualiza...Analysts Probe Future of Client Architectures as HTML 5 and Client Virtualiza...
Analysts Probe Future of Client Architectures as HTML 5 and Client Virtualiza...
 
Be The Excuse?
Be The Excuse?Be The Excuse?
Be The Excuse?
 
Hogan Kusnadi - Cloud Computing Secutity
Hogan Kusnadi - Cloud Computing SecutityHogan Kusnadi - Cloud Computing Secutity
Hogan Kusnadi - Cloud Computing Secutity
 
Our Journey <3
Our Journey <3Our Journey <3
Our Journey <3
 
Iwan Sumantri - Cyber Threat Indonesia 2013
Iwan Sumantri - Cyber Threat Indonesia 2013Iwan Sumantri - Cyber Threat Indonesia 2013
Iwan Sumantri - Cyber Threat Indonesia 2013
 
Urbanismo janela-otero-deber
Urbanismo janela-otero-deberUrbanismo janela-otero-deber
Urbanismo janela-otero-deber
 
Ahmad Alkazimy - Indonesia Malware Incident Updates
Ahmad Alkazimy - Indonesia Malware Incident UpdatesAhmad Alkazimy - Indonesia Malware Incident Updates
Ahmad Alkazimy - Indonesia Malware Incident Updates
 
Cents-ible Cyber Monday
Cents-ible Cyber MondayCents-ible Cyber Monday
Cents-ible Cyber Monday
 
Giving back with GitHub - Putting the Open Source back in iOS
Giving back with GitHub - Putting the Open Source back in iOSGiving back with GitHub - Putting the Open Source back in iOS
Giving back with GitHub - Putting the Open Source back in iOS
 
Osorio antonhy 3 b
Osorio antonhy 3 bOsorio antonhy 3 b
Osorio antonhy 3 b
 
Karunia Wijaya - Proactive Incident Handling
Karunia Wijaya - Proactive Incident HandlingKarunia Wijaya - Proactive Incident Handling
Karunia Wijaya - Proactive Incident Handling
 
Lukas - Ancaman E-Health Security
Lukas - Ancaman E-Health SecurityLukas - Ancaman E-Health Security
Lukas - Ancaman E-Health Security
 
Gildas Deograt - Effective Honeynet in High Grade Security Strategy
Gildas Deograt - Effective Honeynet in High Grade Security StrategyGildas Deograt - Effective Honeynet in High Grade Security Strategy
Gildas Deograt - Effective Honeynet in High Grade Security Strategy
 
Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter
 

Similar to I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure

Smartphone
SmartphoneSmartphone
Smartphone
Naval OPSEC
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats Report
Juniper Networks
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and Threats
IRJET Journal
 
Y20151003 IoT 資訊安全_趨勢科技分享
Y20151003 IoT 資訊安全_趨勢科技分享Y20151003 IoT 資訊安全_趨勢科技分享
Y20151003 IoT 資訊安全_趨勢科技分享
m12016changTIIMP
 
A Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile MalwareA Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile Malware
IRJET Journal
 
ISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and PrivacyISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and Privacy
Michael Davis
 
Smartphone Security
Smartphone SecuritySmartphone Security
Smartphone SecurityMalasta Hill
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
SHOLOVE INTERNATIONAL LLC
 
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platformsCe hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platformsMehrdad Jingoism
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
Symantec
 
10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malwareSytelReplyUK
 
Smartphones 2015
Smartphones 2015Smartphones 2015
Smartphones 2015
Sheikh Ali Asghar
 
BLURRING BOUNDARIES
BLURRING BOUNDARIESBLURRING BOUNDARIES
BLURRING BOUNDARIES
- Mark - Fullbright
 
Mobile security article
Mobile security articleMobile security article
Mobile security article
Kulani Mahadewa
 
Unit-3.pptx
Unit-3.pptxUnit-3.pptx
Unit-3.pptx
Ramya Nellutla
 
Micro Technologies India ltd
Micro Technologies India ltdMicro Technologies India ltd
Micro Technologies India ltd
Nehul Gupta
 
Weathering mobile-storm-report-october-2014
Weathering mobile-storm-report-october-2014Weathering mobile-storm-report-october-2014
Weathering mobile-storm-report-october-2014
Spiceworks Ziff Davis
 
Mobile security trends
Mobile security trendsMobile security trends
Mobile security trendsKen Huang
 
Ms810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesMs810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesrebelreg
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile SecurityTharaka Mahadewa
 

Similar to I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure (20)

Smartphone
SmartphoneSmartphone
Smartphone
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats Report
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and Threats
 
Y20151003 IoT 資訊安全_趨勢科技分享
Y20151003 IoT 資訊安全_趨勢科技分享Y20151003 IoT 資訊安全_趨勢科技分享
Y20151003 IoT 資訊安全_趨勢科技分享
 
A Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile MalwareA Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile Malware
 
ISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and PrivacyISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and Privacy
 
Smartphone Security
Smartphone SecuritySmartphone Security
Smartphone Security
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platformsCe hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware
 
Smartphones 2015
Smartphones 2015Smartphones 2015
Smartphones 2015
 
BLURRING BOUNDARIES
BLURRING BOUNDARIESBLURRING BOUNDARIES
BLURRING BOUNDARIES
 
Mobile security article
Mobile security articleMobile security article
Mobile security article
 
Unit-3.pptx
Unit-3.pptxUnit-3.pptx
Unit-3.pptx
 
Micro Technologies India ltd
Micro Technologies India ltdMicro Technologies India ltd
Micro Technologies India ltd
 
Weathering mobile-storm-report-october-2014
Weathering mobile-storm-report-october-2014Weathering mobile-storm-report-october-2014
Weathering mobile-storm-report-october-2014
 
Mobile security trends
Mobile security trendsMobile security trends
Mobile security trends
 
Ms810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesMs810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devices
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile Security
 

Recently uploaded

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
Jen Stirrup
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 

Recently uploaded (20)

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 

I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure

  • 1. #ACAD-­‐CSIRT   Mobile Security, Mobile Malware & Countermeasure IGN Mantra, Chairman Email: mantra@acad-csirt.or.id, URL: acad-csirt.or.id Honeynet Seminar 2013
  • 3. #ACAD-­‐CSIRT   Why the mobile phone BOOM
  • 4. #ACAD-­‐CSIRT   The complex picture of the mobile phone market But mobile phone market share doesn’t tell the full story Source: VisionMobile
  • 5. #ACAD-­‐CSIRT   Smartphones reached 30% market share in 2011 483M units shipped worldwide Smartphone shipments as a % of total handset shipments Source: VisionMobile
  • 6. #ACAD-­‐CSIRT   Smartphone sales vary greatly by region Q2 2011 are the majority of handset sales in North America (63%) and Europe (51%) Market share Source: VisionMobile
  • 7. #ACAD-­‐CSIRT   Android became dominant smartphone OS Samsung and HTC benefited the most from Android success (Q4 2011) Smartphone market share by OEM and platform (H2 2011) Source: VisionMobile
  • 8. #ACAD-­‐CSIRT   Android turned the tables on handset makers Samsung and HTC benefited, Nokia, Motorola, Sony were challenged Beneficiaries: fast-moving challengers Efficient cost structure plus ability to differentiate in software, hardware or both low cost assemblers Cost structure optimised for razor-thin margins Android is a long-term opportunity for global reach Under pressure: old guard OEMs Cost structure requiring high-margins Commoditising effect of Android makes high- margins unattainable for OEM without own ecosystem or meaningful differentiation No Name source: VisionMobile
  • 10. #ACAD-­‐CSIRT   10 Malware Types 2013 source : boston.com Droid KungFu Geinimi Plankton Droid Dream Android. Pjapps Ikee Zitmo Hong TouTou Timifonica SymbOS. Skull
  • 11. #ACAD-­‐CSIRT   Mobile Malware Statistic 2013 Source : Kaspersky Lab
  • 12. #ACAD-­‐CSIRT   Mobile Malware Malware is software with malicious purpose. It may be designed to disable your phone, remotely control your phone, or steal valueable your information. Mobile malware uses the same techniques as a PC malware to infect mobile devices. app pc
  • 14. #ACAD-­‐CSIRT   Malware Samples Library Source : http://rogunix.com/docs/Android/Malware/
  • 15. #ACAD-­‐CSIRT   The Real Dangers of Mobile Malware Bank account password are stolen. Private information is captured. Phone data is deleted. Device is “bricked” and need replacing The phone is forced to send the sms premium numbers. (sedot pulsa). Malware infected devices can be used by botnet owners to launch attacks on digital targets.
  • 16. #ACAD-­‐CSIRT   How they get you PHISING A fake version of real site gathers your log-in ad other private informations SPYWARE Silently collects information from users and sends it to eavesdroppers EXPLOITING Some malware will exploit mobile platform vulnerabilities to gain control of the device WORM A program tha replicates itself spreading throughout a network MAN IN THE MIDDLE The attackers becomes a middle man in a communication stream and logs all information relayed between the communicating parties DIRECT ATTACK Comes from files or viruses sent right to your cell phone.
  • 18. #ACAD-­‐CSIRT   Mobile Malware & Awareness Of users say that they are unaware of security software for smartphones Of mobile users bank from a phone, yet most don’t have security measures in place 53% 24%
  • 19. #ACAD-­‐CSIRT   What should You Do and Don’t DO •  Make sure the OS and sowftware are up to date at all times •  Download apps from reputable sites and closely review app permission requests. •  Make sure to check the feedback from other users before installing the program from an app store •  User strong password •  User personal firewall •  Turn off bluetooth and other connections when not in use •  Install a mobile security application. DON’T •  Download apps from third party app repositories •  Jailbreak your phone •  Leave your “wifi ad hoc mode on” •  Accessing banking or shopping sites over a public WIFI connection •  Leave your mobile device unattended in public places.
  • 20. #ACAD-­‐CSIRT   References •  A window into Mobile device security –  http://www.symantec.com/content/en/us/about/media/pdfs/ symc_mobile_device_security_june2011.pdf •  http://www.continuitycentral.com/feature0919.html •  http://www.usatoday.com/tech/news/story/2012-03-22/ lost-phones/53707448/1] •  US-CERT Resource: Paul Ruggiero and Jon Foote, “Cyber Threats to Mobile Phones”, http://www.us- cert.gov/reading_room/ cyber_threats_to_mobile_phones.pdf) •  Top 10 android Security Riskshttp:// www.esecurityplanet.com/views/article.php/3928646/ Top-10-Android-Security-Risks.htm
  • 21. #ACAD-­‐CSIRT   TERIMA KASIH IGN MANTRA Email : incident@acad-csirt.or.id, info@acad-csirt.or.id