Friday, March 30, 2012

10 Quick Tips to Mobile Security

Mobile security is a topic I return to again and again, and why not? Considering the proliferation of smartphones among the urban population of India and the demand for them even in rural outbacks with poor internet connectivity, it is imperative to remind ourselves that along with all their advantages (and there are many), these devices can be sources of danger for users, especially kids. And though we are aware of many of these threats, we may not be aware of ALL of them.

I was reminded of the dangers related to these phones upon reading the McAfee Q4 2011 Threat Report.  Some findings related to mobile malware caught my attention:

  •     Growth in almost all areas of malware and spam declined, with the exception of mobile-based malware
  •     Mobile malware rose during the quarter and recorded its busiest year to date
  •     Android firmly fixed as the largest target for writers of mobile malware
  •     Much of the Android malware has been for-profit SMS-sending Trojans, which help cybercriminals to hijack phones to send messages that cost their owners money

So here are the promised 10 quick tips to protect your mobile phones:

1.    Beware of third-party applications; download from a reputable app store only

2.    Read other users’ reviews and make sure the app’s access permissions make sense

3.    Be wary of unnecessary permissions asked for, like an alarm clock app asking to access your contacts

4.    Protect yourself against data loss, by backing up your mobile device regularly

5.    Be wary of what you click while browsing the web, as malware makers use ads to trick smartphone users into installing infected apps

6.    Have difficult-to-guess passwords for your phone, just like you do for your PC

7.    Turn off Bluetooth and other connections when not in use

8.    Don’t use geotagging while clicking snaps. When you share them immediately, people will come to know your exact location

9.    Install advanced, comprehensive security software on your phone to protect your device

10.  Do use a personal firewall
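Tips 2 and 3 can be turned into a repeatable check. The Python sketch below is an added example, not part of the original post or any McAfee product: it reads the `uses-permission` entries from a decoded `AndroidManifest.xml` and flags requests that fall outside what the app's category plausibly needs. The manifest, the `alarm_clock` baseline and the severity labels are constructed assumptions; the manifest inside a real APK is binary XML and must be decoded to text first.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample: decoded manifest of a hypothetical alarm clock app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.alarmclock">
  <uses-permission android:name="com.android.alarm.permission.SET_ALARM"/>
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

# Assumption: illustrative baseline of what an app category plausibly needs.
EXPECTED = {
    "alarm_clock": {"com.android.alarm.permission.SET_ALARM",
                    "android.permission.WAKE_LOCK", "android.permission.VIBRATE",
                    "android.permission.RECEIVE_BOOT_COMPLETED"},
}

# Permissions that can cost money or expose personal data.
SENSITIVE = {
    "android.permission.SEND_SMS": "can send SMS that cost the owner money",
    "android.permission.READ_CONTACTS": "can read the address book",
    "android.permission.ACCESS_FINE_LOCATION": "can track precise location",
}

def requested_permissions(manifest_xml):
    """Return the sorted, de-duplicated permissions a manifest requests."""
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return sorted({n for n in names if n})

def audit(manifest_xml, category):
    """List (permission, severity, reason) for requests outside the baseline."""
    baseline = EXPECTED.get(category, set())
    findings = []
    for perm in requested_permissions(manifest_xml):
        if perm not in baseline:
            reason = SENSITIVE.get(perm)
            findings.append((perm, "high" if reason else "review",
                             reason or "outside the " + category + " baseline"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_MANIFEST, "alarm_clock"):
        print(*finding, sep=" | ")
```

For the sample, the contacts and SMS requests come back as high severity, matching the alarm clock case in tip 3 and the SMS-sending Trojans noted in the report findings.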

A quick word on the next generation of McAfee® Mobile Security software, which offers smartphone and tablet owners greater control over their privacy and protects them from financial fraud, identity theft and viruses. It includes the new McAfee App Alert™, which provides important information about what apps are doing with users’ personal information. Besides this, it also offers:

  •     Call and SMS Filtering: Easily filters out spammers, incorrect numbers and unwanted texts
  •     Online Management: The McAfee Web portal lets users quickly execute needed security tasks, such as backup, restore, locate, and remote lock and wipe
  •     Uninstall Protection: Prevents a thief or another user from bypassing their McAfee mobile protection
  •     Complete Anti-virus, Anti-spyware and Anti-phishing Protection
  •     Anti-theft protection including device locking

So go on, enjoy your smartphone to the hilt, confident in the knowledge that you, your kids, your phone and your data are all safe.


By Anindita Mishra

Thursday, March 29, 2012

The Four Phases of Every Attack

Let’s face it, threats have gotten much more complex; like complex mechanisms, they use multiple, consecutive methods to attack. At McAfee, our research teams continually analyze the threat landscape and define threats in terms of their attack mechanisms, which consistently fall into four categories. First, malware needs a way to come in contact with unsuspecting users. Second, it uses a variety of ways to enter your system and begin to write files to disk and modify your system. Third, it uses several means to hide from detection before it even begins its dirty work of stealing personal information or scaring you into buying useless security software. It’s not until the fourth phase that it really starts its unscrupulous business.

In this discussion, we will share some research showing the four phases of every malicious attack, and in a follow-on blog we will provide some recommendations as to how you can protect yourself and your business.

First, let’s look at the first phase of how modern threats operate: how the attacker first crosses paths with its victim. The most common form of first contact is via a malicious web site. The web continues to be a dangerous place for the uninformed and unprotected. Websites can become malicious on purpose or by infection, and can host malware, potentially unwanted programs, or phishing sites. In 2011, McAfee Labs recorded an average of 6,500 new bad sites per day; in one quarter that figure shot up to 9,300. We also noticed that about one in every 400 URLs we attempted to load was malicious; some days that number was one in every 200 URLs! Protecting users from these sites becomes essential to protection and actually offers the least expensive way to maintain a secure environment. Other important methods include physical access such as thumb drives used by Advanced Persistent Threats (APTs), unsolicited messages from social media sites, and network access from misconfigured or unsecured wireless networks.

Phase 2 is how the attacker gets code running for the first time on the target machine. The vast majority of the time, the code will exploit one or more of the thousands of vulnerabilities in common, legitimate applications or in the operating system itself. If the malware can take down or otherwise subvert the protections in existing software, it can write its code to disk and move on to phase three.

In phase 3, the goal is to persist the malicious code on the system so that it can survive a reboot, stay hidden from security measures, and hide itself from the user. The code can hide itself in known good processes, block access to security software updates, and disable the Windows Task Manager, Windows Safe Mode, System Restore, the Firewall, and Microsoft Security Center, as well as change browser security settings. Rootkits and other advanced attacks have been particularly difficult to stop, as they often load prior to the operating system, effectively hiding from security software.

And finally, in phase 4, we get to the real reason for the malware, its ‘business logic’: what the attacker wants to accomplish. This could be stealing identities or passwords, committing bank fraud, forcing the purchase of fake antivirus software, stealing intellectual property, or selling bot network services.
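The phase 3 behaviour of switching off Task Manager, System Restore and the firewall leaves settings behind that a responder can check. The Python sketch below is an added example, not from the original post or any McAfee tool: it scans the text of a registry export for such settings. The export fragment is constructed, and the four registry values in `CHECKS` are common Windows settings chosen for this example, not a complete list; a real `reg export` file is UTF-16 with a header line and needs decoding first.

```python
import re

# Constructed sample: text fragment of a `reg export` dump from a hypothetical host.
SAMPLE_EXPORT = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000000
"""

# (key suffix, value name, DWORD that indicates tampering, what it means)
CHECKS = [
    (r"\CurrentVersion\Policies\System", "DisableTaskMgr", 1, "Task Manager disabled"),
    (r"\Windows NT\SystemRestore", "DisableSR", 1, "System Restore disabled"),
    (r"\FirewallPolicy\StandardProfile", "EnableFirewall", 0, "Windows Firewall off"),
    (r"\Microsoft\Security Center", "AntiVirusDisableNotify", 1, "Antivirus alerts muted"),
]

KEY_RE = re.compile(r"^\[(.+)\]$")
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')

def parse_export(text):
    """Map (key, value name), both lower-cased, to the DWORD stored there."""
    values, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if m := KEY_RE.match(line):
            key = m.group(1).lower()
        elif key and (m := DWORD_RE.match(line)):
            values[(key, m.group(1).lower())] = int(m.group(2), 16)
    return values

def find_tampering(text):
    """Return descriptions of protections the export shows as switched off."""
    values = parse_export(text)
    hits = []
    for suffix, name, bad, meaning in CHECKS:
        for (key, value_name), data in values.items():
            if key.endswith(suffix.lower()) and value_name == name.lower() and data == bad:
                hits.append(meaning)
    return hits
```

On the sample, `find_tampering(SAMPLE_EXPORT)` reports the first three settings and leaves the Security Center value alone, because `0` there means alerts are still on.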

In my next blog, I will discuss ways in which today’s security products can be used to protect you in each of the 4 phases.

By Dan Wolff