Mobile Malware Attacks: The Cyber Threat More Menacing Than Ransomware

Africa is the stage for the perfect cyber storm and mobile malware will be the leading act. Experts from Check Point Software Technologies discuss the most effective ways to guard against these attacks.

While ransomware continues to be the cyber scourge feared by organisations and countries alike, there is another more sinister malware threat which companies in Africa dare not overlook.

At least 35 times more prevalent than ransomware, mobile malware attacks are set to increase in proportion and sophistication over the coming years. Not only are mobile devices easier to hack, they also hold more sensitive – and therefore more valuable – information.

“Businesses which believe they haven’t been hit, simply haven’t realized they’ve been under attack,” comments Ryan McGee, Mobility Leader MEA for Check Point.

Businesses are Under Constant Attack

And if a business hasn’t yet registered any attacks it’s likely because mobile malware is very difficult to detect, taking up to a year before its presence becomes known.

To make matters worse, mobile attacks are incredibly lucrative. While WannaCry was made famous by its scale, it generated around just $2 million in profit. On the other hand, CopyCat, which infected millions of android devices, accumulated a whopping $16 million.

Andrew Voges, Threat Prevention Sales Leader for MEA at Check Point says traditional security products are no longer enough. Attackers are bypassing signature-based security products by using unknown threats and side-stepping first generation sandboxes with evasive techniques.

Africa Makes the Perfect Target

Not surprisingly, every region across the world can expect the intensity of these attacks to intensify, and Africa, with its high rate of mobile phone penetration, will certainly be no exception.

Currently Kenya is the global leader in share of internet traffic (83%) generated by mobile. Meanwhile, Nigeria has emerged from its economic recession to predictions that its smartphone market will grow by double digits in 2018.

Africa is quite literally the stage for the perfect cyber storm, with mobile malware as the leading act.

According to McGee, a big part of the problem is that mobile has an entire range of unique attack vectors. From infected apps to SMS attacks, WiFi attacks and OS exploits, mobile users are under fire from all sides.

Millions are Lost to Mobile Attacks

Not surprisingly, the effects can be devastating for both phone users and the companies for which they work.

McGee says breaking into the corporate network is simply the beginning. Everything from contact lists to e-mail messages and passwords can easily be stolen along with highly sensitive data. With an infected mobile device, cyber criminals can spy on their victim, taking photos and microphone recordings, and perhaps scariest of all – tracking the phone user’s location.

It becomes easy to see how millions of dollars in revenue is so easily lost to malicious mobile attacks.

The question is: what can be done about it?

Multiple Attack Vectors Require a Multi-layered Approach

Looking at the long list of attack vectors, it’s evident that comprehensive mobile security is about deploying an entire system of components that can work together in identifying a wide variety of threats, while also protecting data and addressing employee privacy concerns.

“Basically, only a solution which is able to analyse behaviour across all of the relevant attack vectors in order to effectively detect an attack, is able to keep a mobile device safe,” says Voges.

This, in essence, is the thinking behind Check Point’s SandBlast Mobile solution, which features a multi-layered security infrastructure. It identifies threats using on-device, network and cloud-based algorithms, triggering automatic defense responses.

What SandBlast Does

SandBlast has a cloud-based risk engine which identifies suspicious patterns and behaviours over time. It does this by sandboxing apps in an emulator and detecting threats at device, app and network levels.

“SandBlast applies to all surfaces, covering all attack vectors. Basically while SandBlast Threat Emulation detects and blocks unknown malware and Zero-day attacks, the Threat Extraction proactively delivers safe, reconstructed files, preserving data without interruption to business,”Voges explains.

SandBlast is also the only solution which offers Smishing prevention for iOS 11 and Android phones, meaning it’s able to block malicious text messages in real time before they do harm.

“The bottom line is that the where, when and how of mobile attacks is growing and the consequences of getting caught unawares can be devastating,” says McGee.