Author: Mahesh Balan

After examining general trends and statistics for malware infections in devices connected through mobile and fixed networks, Nokia found a sharp rise in the occurrence of smartphone malware infections in the first half of the year.

Mobile malware samples since July 2012

Smartphone infections nearly doubled between January and July compared to the latter half of 2015, with smartphones accounting for 78 percent of all mobile network infections. The malware infection rate hit an all-time high in April, with infections striking 1.06 percent of all mobile devices tracked.

Devices running Android were the most targeted mobile platform by far, representing 74 percent of all mobile malware infections.

“Today attackers are targeting a broader range of applications and platforms, including popular mobile games and new IoT devices, and developing more sophisticated and destructive forms of malware. Nokia’s network-based security solution is the best approach to address this growing threat to all types of devices. It detects and prevents malware activity that device-based solutions may miss,” said Kevin McNamee, head of the Nokia Threat Intelligence Lab.

Most prolific malware

Key findings

96-percent surge in smartphone infections: The average smartphone infection rate increased 96 percent in the first half of 2016, compared to the second half of 2015 (0.49 percent vs 0.25 percent).

New all-time high: In April 2016, mobile infections hit an all-time high, with 1.06 percent of devices infected by a range of malware, including ransomware, spyphone applications, SMS Trojans, personal information theft and aggressive adware.

One out of 120 smartphones infected: In April, one out of every 120 smartphones had some type of malware infection.

Android OS hit hardest: Android smartphones were the most targeted mobile platform, accounting for 74 percent of all malware infections compared to Window/PC systems (22 percent), and other platforms, including iOS devices (4 percent).

75 percent jump in malware samples: The number of infected Android apps in Nokia’s malware database soared 75 percent, from 5.1 million in December 2015 to 8.9 million in July 2016.

Mobile game infections detected within hours: Downloaded mobile applications are a key conduit for malware attacks. The Nokia Threat Intelligence Lab detected infected copies of an extremely popular mobile game within hours after they were posted on untrusted third-party download sites.

More sophisticated malware: Malware is becoming increasingly more sophisticated, as new variations attempt to root the phone in order to provide complete control and establish a permanent presence on the device.

Top three mobile threats: The top three mobile malware threats were Uapush.A, Kasandra.B and SMSTracker, together accounting for 47 percent of all infections.

Fixed residential network infections rise: The overall monthly infection rate in residential fixed broadband networks reached an average of 12 percent in the first half of 2016, compared to 11 percent in late 2015, primarily due to an increase in moderate threat level adware. These infections are mostly due to malware on Windows PCs and laptops in the home, but also include infections on smartphones using home WiFi.

The Cloud Security Alliance (CSA) released the new handbook from the CSA Big Data Working Group, outlining the 100 best practices in Big Data security.

The Big Data Security and Privacy Handbook: 100 Best Practices in Big Data Security and Privacy strives to detail the best practices that should be followed by any big data service provider to fortify their infrastructure.

The term Big Data refers to the massive amounts of digital information companies and governments collect about human beings and their environment. The amount of data generated is expected to double every two years from 2500 exabytes in 2012 to 40,000 exabytes in 2020. Large-scale cloud infrastructures, diversity of data sources and formats, the streaming nature of data acquisition and high-volume, inter-cloud migration all play a role in the creation of unique security vulnerabilities.

“This is an important initiative for the cloud community as new security challenges have arisen from the coupling of big data with public cloud environments. As big data expands through streaming cloud technology, traditional security mechanisms tailored to secure small-scale, static data on firewalled and semi-isolated networks are inadequate,” said J.R. Santos, Executive Vice President of Research for the CSA. “Security and privacy issues are magnified by this volume, variety and velocity of big data. This handbook serves as a comprehensive list of best practices for companies to use when securing big data.”

The handbook provides a roster of 100 best practices, ranging from typical cybersecurity measures, such as authentication and access control, to state-of-the-art cryptographic technologies. It addresses why these security measures are needed as well as how they can be implemented.