Report Reveals Mobile Security Exploits to Double in 2011

ARMONK, N.Y., Sept. 29, 2011 /PRNewswire/ — IBM (NYSE: IBM) today released the results of its X-Force 2011 Mid-Year Trend and Risk Report, which demonstrates the rapidly changing security landscape characterized by high-profile attacks, growing mobile vulnerabilities and more sophisticated threats such as “whaling.” To help clients combat these and other security issues, IBM is opening the Institute for Advanced Security for Asia Pacific, which joins the IBM Institutes in North America and Europe.

Mobile Exploits on Track to Double

Adoption of mobile devices such as smartphones and tablets in the enterprise, including the “Bring Your Own Device” approach, which allows personal devices to access the corporate network, is raising new security concerns. IBM X-Force has documented a steady rise in the disclosure of security vulnerabilities affecting these devices.  X-Force research recommends that IT teams consistently employ anti-malware and patch management software for phones in enterprise environments. Key findings include:

  • X-Force is projecting that the year 2011 will see twice the number of mobile exploit releases that occurred in 2010. X-Force has observed that many mobile phone vendors do not rapidly push out security updates for their devices;
  • Malicious software targeting mobile phones is often distributed through third-party app markets. Mobile phones are an increasingly attractive platform for malware developers as the sheer size of the user base is growing rapidly, and there is an easy way to monetize mobile phone infections. Malware distributors can set up premium texting (SMS messaging) services that charge users that text to a specific number. Malware then sends text messages to those premium numbers from infected phones; and
  • Some mobile malware is designed to collect end user’s personal information. This data could then be used in phishing attacks or for identity theft. Mobile malware is often capable of spying on victim’s personal communications as well as monitoring and tracking their physical movements via the GPS capabilities common in these phones.

“For years, observers have been wondering when malware would become a real problem for the latest generation of mobile devices,” said Tom Cross, manager of Threat Intelligence and Strategy for IBM X-Force. “It appears that the wait is over.”

Leave a Reply