Malware is Everywhere

It is a truth universally acknowledged that every device on earth--mobile or desktop—has a seer possibility of being infected by some sort of malware at one point of time in one form or the other. However, the propensity of a malware attack is a subject of dispute. Served in myriad, disguised forms, this keeps IT managers in every organization always on their heels the year round. Given the threat landscape becoming complex, it is important for organizations and individuals to understand the need to deal with malware threats in time. But it is seen that most organizations take these threats lightly. They are potential danger to a company's data and an individual's privacy.

Malware travels through a number of means such as malicious URLs, SMS phishing (also known as smishing), application downloads, file transfers, pen drives, advertisements, etc. Since the threat landscape has shifted to mobile because of increased usages of mobile internet through smart devices, malware threats on mobile platforms have seen a sudden spike.

Scary threat landscape

A study conducted by NQ Mobile presents us with facts how mobile platforms have turned into hot spots for malware enthusiasts. The study found that malware threats in general on mobile platforms grew 163 % in 2012. With data collected through its security labs, NQ discovered more than 65,000 identified distinct forms of app repackaging, malicious URLs and SMS phishing. Since Android is the widely used platform on the mobile, most attacks (95%) were geared towards Andriod devices.

Another study points at how social media is turning into a hotbed of malware. Facebook users often get attacked with different kind of malware that loops users through seductive links and free apps. One of the most prolific malware strains was the Koobface program that targets social media users with fake messages which appear as sent by the family members, friends or other acquaintances. The messages urge them to follow a link to a malicious location where they will be offered a Flash update. However, if the individual agrees to download, his or her system becomes infected with a virulent strain of malware allowing hackers to deploy the machine's computing resources to their botnet campaigns.

Omnipresent malware has built up a threat landscape where keeping users in a secured environment is becoming a challenge. Malware has sought ways to penetrate into every platform we use—internet browsing on desktops, enterprise networks, social networks and mobile phones, among others. Even the app stores which have gained popularity due to the rising use of smartphones and tablets are serving malware in thick volumes. A Trend Micro study reveals that 292,091 apps on Google Play store were found malicious. Around 22% of these malicious apps were found indulged in leaking the user information to third party. Trend Micro has also predicted that malicious and high-risk Android apps will hit 1 million sometime this year.

Similarly advertisements appearing on the mobile phones somehow and in few cases are serving malware (also known as adware). While not inherently malicious, adware is often abused by cybercriminals for their own gains. Adware not only employs aggressive advertising tactics like persistent notifications, but also collects the user information which can be construed as a violation of the user's privacy.

Most companies underestimate threats

While malware poses a sever threat to a company or individual, it is often seen that they do not take them seriously. Most companies greatly underestimate the number of malicious programs appearing daily, a global survey commissioned by Kaspersky Lab of more than 2,000 IT professionals underlines. It is when nearly 200,000 new malware samples appear around the world each day. Many of the IT professionals do not even keep regular track of the malware threats which points out at their lax approach to deal with the threats.

Fortification

In nutshell, organizations must take cognizance of the threats which can compromise the privacy of their company and employee data. A lax approach only leaves door ajar for cybercriminals and is not in the interest of their organization and its long term goals. Trends indicate we’ll only encounter more attacks, designed creatively. In a recent instance, security researchers discovered a new type of malware that uses an Android device as a launch platform for infecting a target computer via USB. So malware are now being designed exclusively to target a specific device. This kind of malware might be difficult to identify. Thus, it is urgent for IT personnels to equip with systems and solutions in place that can detect threats in advance of infection and prevent them.