BY NBM WRITER
Cyber security researchers have cautioned of a rapidly changing Android landscape owing to growing proliferation of Malware and Trojan Downloaders targeting Android devices.
Surge of malicious programmes that are increasingly tricking users of mobile devices into installing potent applications disguised as legitimate apps on Google Play and other third-party app stores is causing more loses for businesses.
“It is clear that there is a growing presence of threats targeting mobile devices, in addition to a growing trend of malware being used to target corporate data, especially in countries where the largest portion of Internet usage is through mobile devices,” says Alistair Freeman, ESET East Africa’s Chief Executive Officer.
Mr Freeman reveals that ESET recently discovered fake versions of Prisma, a popular photo transformation app on the Google Play Store. Among them were also dangerous Trojan Downloaders, a new wave of threats that will most likely have an impact mainly on businesses that are mostly run off mobile devices to Personal Computers.
In the sub-Saharan region, Kenya faces a disproportionately larger threat in the mobile devices sphere as mobile data continues to drive Internet subscriptions with 23.7 million users. It is against this backdrop that a high detection rate by ensuring a Device Monitoring and Application Audit, the latter of which allows you to see which apps actually request unnecessary permissions, such as making phone calls, tracking your location, reading your browsing history, contacts, SMS, photos and calendar, come in handy.
Threat environments
Quarterly analysis of the global Threat Index by Check Point Software Technologies Ltd reveals deep disparities in the threat environments particularly in Africa, and the potential for increased attacks as cyber-criminals target mobile devices. The pure-play network cyber security vendor provides a data-based breakdown of new and prevalent threats, as well as the relative rankings of countries’ risk profiles globally, where the higher the ranking the greater the threat of cyber-attack.
At the end of the first quarter of 2016 (January – March), Nigeria was ranked 16th, moving up two places from 18th position in the preceding quarter. Developing and African nations are highly represented in the upper rankings of the index, and Nigeria was surpassed by a handful of other countries, including Namibia and Malawi in second and fourth spots respectively. In stark contrast, Kenya improved their ranking by 24 places, moving from 45th position at the end of 2015, to 69th at the end of the quarter.
The Index is coming at a time when, according to the Kenya Cyber Security report 2015, cybercrime is so advanced such that it is almost impossible to detect intrusions without the use of progressive, continuous monitoring and detection methods. It is based on threat intelligence drawn from Check Point’s ThreatCloud World Cyber Threat Map, which tracks how and where cyber attacks are taking place worldwide in real time.
Rick Rogers, Area Manager for East and West Africa at Check Point Software Technologies, says Nigeria’s worsening ranking may be due to a dramatic increase in threats targeting mobile devices specifically, while Kenya’s improvement could reflect a growing maturity in security awareness.
“It’s not immediately clear why the East and West African hubs are experiencing such different moves in terms of cyber-attacks, and we are generally seeing a lot of volatility month to month for many of the countries on the index,” says Rogers.
Although this quarter, mobile malware ranked as one of the ten most prevalent attack types affecting corporate networks and devices for the first time ever, the previously-unknown HummingBad agent (for example) was a large contributor to the new top ten positioning of mobile threats.
Discovered in February 2016, HummingBad immediately became the seventh most common malware detected targeting corporate networks and devices, and in March it moved up to the sixth top spot. HummingBad targets Android devices specifically, facilitating malicious activity such as installing key-loggers, stealing credentials and bypassing encrypted email containers used by companies, allowing for interception of corporate data. It was the third highest threat in Kenya in quarter one and seventh in Nigeria.
More than 1,500 different malware families were identified during January, 1,400 in February and 1,300 in March. Throughout the quarter, two of the most commonly used malware variants were Conficker and Sality families, with Sality ranking first in both Nigeria and Kenya. In mobile devices specifically, HummingBad ended the quarter as the top threat globally.
People in the technology zone say that the decrease in the variety of malware families reflects a concentration trend, rather than a decrease in absolute volume of threats, and is perhaps an indicator of the sophistication of the threat environment. Thus, cyber criminals do not need to develop entirely new malware but rather it is often sufficient to make small changes to existing families to circumvent security.
