If it seemed like 2014 was a banner year for cybercriminals, that’s probably because it was. According to one recent report, there were 312 data breaches last year, an increase of 23 percent from 2013. Ransomware attack also saw a major increase, with 8.8 million incidents occurring in 2014, more than double the number from 2013.
One of the most worrying cybercrime trends revealed in the report is the increase in mobile malware targeting devices running Android operating systems – the most popular platform for mobile devices. According to the study, 17 percent of all Android apps – nearly 1 million programs – are actually malicious software. In 2013, the firm discovered 700,000 malicious apps, marking a pretty significant increase. More than one-third of the phony apps turned out to be what is known as ‘grayware’, or software that leaves spam messages and ads on a mobile device. The first instance of mobile ransomware for Android devices was also found during the research.
“While there was a slight increase in targeted spear-phishing attacks (those aimed at a specific company), hackers widely used ‘watering hole’ attacks and ‘trojanized’ software updates to breach defenses,” Tech Times contributor Fergal Gallagher wrote. “Watering hole attacks infect legitimate websites, then monitor the visitors and selectively target the particular companies. Hackers also hid their malware inside common software updates, then waited for certain companies to download those updates (hence the trojanized name), effectively causing the targeted businesses to infect themselves.”
With the popularity of bring-your-own-device programs continuing to grow, the emergence of Android malware and ransomware can pose a major threat to businesses. Without the proper precautions in place, employees can unknowingly download a malicious application and put a company’s entire network at risk for a data breach.
Businesses looking to reduce the security risks facing their organizations while still providing employees with the benefits of mobility should consider implementing a whitelisting program. This type of security is a reliable way to increase network protection and eliminate unwanted, malicious applications. Software like Faronics’ Anti-Executable enterprise solution ensures that employees are only able to run approved applications, greatly reducing the the possibility of malicious applications installing malware on company networks.