Web ads leading source of mobile malware

News by Steve Gold

Research from Blue Coat Systems claims to show that Web-based adverts have taken over from adult Web sites as the leading source of mobile malware.

A report just issued by security and networking specialist Blue Coat Systems notes that whilst adult content viewing on mobiles accounts for just one  percent of people's viewing, it accounts for 16 percent of malicious attacks. The situation with Web-based adverts is worse, with the attack vector accounting for 20 percent of malicious attacks.

Blue Coat's latest threats report contrasts with its November 2013 analysis, when 22 percent of malicious attacks were the result of surfing for adult content on smartphones.

Whilst the report shies away from commenting on the reduction in adult content surfing on smartphones, it does note that the upwards shift in Web-based ads causing security issues as down to the fact that so-called `malvertising' comes from the same source as legitimate mobile ads.

It also reflects the fact that people are now using their smartphones for ‘recreational activities' such as entertainment and online shopping.

According to Keith Bird, Managing Director of fellow security vendor Check Point - whose security software takes an automated approach to tackling the challenge of inappropriate activity on corporate systems and devices - the issues raised by Blue Coat's report apply to corporates and not just consumers.

"In 2013, Check Point's mobile security report surveyed 800 IT professionals worldwide, and 45 percent said that the number of mobile devices connecting to their networks had grown five-fold in just two years," he said.

He added, “This means that mobile devices could easily carry malware straight onto the corporate network from users' remote access.

"Organisations are still playing catch-up with BYOD: many are simply not aware of exactly how employees' own devices are being used for work, or what resources they are accessing," he explained.

Delving into the just-published Blue Coat report - entitled `2014 Mobile Malware Report: A New Look at Old Threats' - reveals that its authors think that it is perhaps surprising that the mobile malware problem isn't more widespread.

In part, says the report, "this relative safety from the mass market malware maelstrom that PC users face results from the lack of a cohesive underground economy."

The analysis goes on to observe that smaller screens and more difficult text entry methods have changed how we access and view online content.

And against this backdrop, the report says it is not surprising that these trends have also changed how we are exposed to malicious content.

So what is the solution?

Blue Coat advises smartphone users never to download or purchase an app outside of legitimate markets such as the App Store or Google Play.

Enterprises, meanwhile, that have BYOD or corporate mobility initiatives, need to look at pre-approving mobile apps that present a lower risk of data leakage or privacy violations. Third-party services are in the early stages of offering risk profiles on applications to help enterprises assess their exposure and balance the risks of using a particular app against the benefits.

The report suggests that corporates should also consider blocking Web advertising altogether as  a content category.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews