Virus-Infected Mobiles: Precautions And Protections

Share this ARTICLE with your colleagues on LinkedIn .

---

Programming viruses, nasty malware, and the devilish minds which create them, are increasingly targeting mobile communications devices... smartphones, pads, tablets...maybe even your Kindle. No one is fully immune -- from the day of purchase, to the downloading or installation of any seemingly-innocent application, to the logging into an infected or infection-carrier site. Old school phishing and other black hat social engineering and fraud are also still very much in fashion. Vigilance is required.

Also, as Mac users become a greater percentage of the information and communication systems marketplace, the trend will be toward finding ways to plant viruses and malware right into your MacBook Pro.

In some of these cases, the subject virus or malware may operate unnoticeably, merely slowing down performance, or causing occasional malfunctions -- or it may find its way from one piece of equipment to another (while you're synching or transferring data from one device to another) to infect other equipment. These 'viral vectors' (the means through which your information is tracked, hacked or otherwise compromised by some means of access) abound.

Being a Microsoft Windows and Internet Explorer user (rapidly being pressured into biting into the Apple for my next big purchase), I am accustomed to the annoyance of downloading different patches and updated definitions every single day, and to the ritual defragging, antivirus scanning and performance-checking which I must do several times daily.

You must install good firewall and backdoor protection, locks on your wireless addresses, antivirus/anti-malware software (which must be carefully updated from a very reliable source), and constantly scan for these invaders, lest they start purchasing shoes and beef jerky with your credit card, cleaning out your ATM, or using your information or identity for some other egregious purpose. You cannot let a day go by without running scans.


Also:

Check the legitimacy and certification of every site or source from which you may wish to download any applications; don't ever respond directly to an embedded hyperlink or clickable graphic on any warning correspondence about "having to renew or re-authorize your account", etcetera; don't open any suspicious emails or attachments -- not ever --; don't direct click on texted mobile ads which give you a special link for access to something or to subscribe to some product or service.

As a Global Futurist, I predict that biometric identification (retinal scans, facial recognition, fingerprinting, or voice recognition, alone or in combination) will help to eliminate some unauthorized access to your equipment, information and accounts, but these markers are not yet in ordinary use -- and even when these secondary security identification verifiers come into use, the virus and malware gremlins will be hard at work trying to capture and duplicate this information -- just as surely as keystroke loggers and spyware are downloaded on countless computers every day, and just as you can purchase programs [some of them are even free] which can bypass CAPTCHA code tests robotically.

Human error is the principle entry token for most of these infections.

No technology is a substitute for diligent pre-emptive and frequent testing and monitoring of your equipment, and a sample-checking from time-to-time of of your important accounts. Change passwords frequently, and be on the lookout for suspicious inbound correspondence in any form, or exciting 'free' downloads.

The following article excerpt comes to us courtesy of ZDNet, a wonderful source of technologically-oriented information which pertains to every aspect of IT in all business applications.
Finding and cleaning out your smartphone's Carrier IQ poison
Millions of iPhones, Android and other smartphones have the Carrier IQ spyware rootkit in them. Here's how to find it and try to zap it.
READ FULL STORY 

More coverage:

7 questions that Carrier IQ needs to address immediately

Senator demands answers over Carrier IQ mobile phone tracking

It bears repeating: Even when biometric identification verifiers come into use, the virus and malware gremlins will be hard at work trying to capture and duplicate this information -- just as surely as keystroke loggers and spyware are downloaded on countless computers every day, and just as you can purchase programs [some of them are even free] which can bypass CAPTCHA code tests robotically. Human error is the principle entry token for most of these infections.

You multiply the probability of infection when your employees bring work home on PCs, use resources for reference or research, have their security breached or their hardware (mobile and otherwise) become contaminated (putting the info on insertable, portable zip drives is not an answer at all) and infuse this infected material into you LAN or office network. Control data access, and test every drive, document, or media display prior to granting it access to your central operating system.

Keep your information, identity, communications and access safe!

Douglas E. Castle for InfoSphere Business Alerts And Intelligence, at http://InfoSphereBusinessAlerts.blogspot.com




Tweet

Related articles

• What To Do If Your Computer Gets Infected By A Virus (makeuseof.com)
• Source of Malware (cyberdefend.wordpress.com)
• Android is Sole Target of Malware Writers (ibtimes.com)
• What To Do If Your Phone Is Infected with DroidDream Malware (mylookout.com)
• 2011 Mobile Threat Report Finds Users Are 2.5x as Likely to Encounter Malware (mylookout.com)
• Android's popularity makes it open target for malware, says study (news.cnet.com)
• Duqu Virus Detected in Iran (ibtimes.com)
• Air Force Insists: Drone Cockpit Virus Just a 'Nuisance' (wired.com)
• U.S. Drones Still Fly Despite Reported Virus Attack (ibtimes.com)
• Seven Charged With Clickjacking IRS, Apple Links to Tune of $14 Million (wired.com)
• Feds: 4 Million Computers Hijacked (abcnews.go.com)

Stuxnet's Spawn Increases Widespread Cyberthreat - Viral Adaptation And Accelerated Evolution

Share this ARTICLE with your colleagues on LinkedIn .

---

Increasingly sophisticated malware (mostly of the trojan horse and worm varieties) is propagating and evolving in terms of sophistication at an incredible rate. These forms of malware are increasingly targeting small to middle-sized businesses which might be more vulnerable to attacks. Many of these are designed specifically to commandeer all of the systems and functions which are subject to the infected computer's control, including utilities (like HVAC, lighting, auto-locking physical security doors and zones, tracking of personnel, communications with other data systems and the like).

The following common sense precautions might prove helpful, but (lamentably) offer no certain guarantees:

1) Thoroughly screen any surfing activity, email and downloads with anti-viral and anti-malware defense sytems.

2) Do not install any new computers, peripherals, components, drives or programs which have not been thoroughly virus and malware tested. The items are frequently infected before they have even been packaged for sale. Don't be given a false sense of security because of unbroken shrinkwrap.

3) Run systemwide anti-viral and anti-malware checks with increasing frequency.

4) Maintain vigorous controls over employee outside access to internal systems.

5) Password-protect all computer access. Passwords must be algorithmically changed periodically.

6) Sensitive data should be encrypted.

7) Important information should be backed-up off-site with increased frequency.

8) For key physical security functions, manual override systems must be put into place, with their keys, codes and protocols kept in the hands of a limited number of very trustworthy individuals.

9) Limit access to critical data via mobile applications - they have increasingly become the targets (and portals) of malware and spyware attacks.
-----------------

The excerpt which follows comes to us courtesy of a ZDNet newsletter, and it makes for excellent reading.

Stuxnet 2.0? Researchers find new 'cyber-surveillance' malware threat
Symantec warns of a new high-end Trojan that's "nearly identical to Stuxnet" but notes that the malware has a completely different goal.
READ FULL STORY | 

More coverage:

Which is the most popular malware propagation tactic?

The greatest security vulnerability: You

---------------
Increased vigilance is the Human key to the threat of data dnd communications breaches by ever-more-sophisticated forms of subtle, but incredibly powerful malware. Computer dependencies must also be counter-balanced with manual systems having the potential to override computer controls which may be subject to hijacking.

Douglas E Castle
 
http://InfoSphereBusinessAlerts.blogspot.com
http://DouglasCastleRSSFeeds.blogspot.com
http://Links4LifeAlerts.com and http://feeds.feedburner.com/Links4LifeAlerts



Tweet

Related articles

• Duqu: The Next Stuxnet? (blogs.cisco.com)
• Researchers See Stuxnet-Like Threat (abcnews.go.com)
• Stuxnet Worm Precursor 'Duqu' Detected: Should Users Worry? (ibtimes.com)
• This related article contained a virus, so we burned it. (phew)
• Stuxnet Jr. - Panic spreads as two vendors squabble over Duqu's purpose (thetechherald.com)
• Duqu - a new Stuxnet-like threat? (spaceandcyber.wordpress.com)
• Stuxnet creators suspected to be behind new Duqu virus (inquisitr.com)
• Hungarian Lab found Stuxnet-like Duqu malware (zdnet.com)
• 3 Lessons Learned From Duqu Malware (informationweek.com)
• How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History (wired.com)
• U.S. Considered Hacking Libya's Air Defense to Disable Radar (wired.com)
• Researchers Say Vulnerabilities Could Let Hackers Spring Prisoners From Cells (wired.com)
• Senior Defense Official Caught Hedging on U.S. Involvement in Stuxnet (wired.com)
• Threat Level's Kim Zetter Writing the Book on Stuxnet (wired.com)
• Infrastructure at Risk From Fed's Failure to Share Info, Security Researchers Charge - Wired News (wired.com)
• Hacking the Lights Out: The Computer Virus Threat to the Electrical Grid (preview) (scientificamerican.com)
• Kevin Mitnick Rates Today's Blackhats (wired.com)
• Duqu Worm: Precursor to a More Devastating Attack? (technorati.com)
• Precursor To the Next Stuxnet? (it.slashdot.org)
• Duqu not created by authors of Stuxnet worm, says security company (infoworld.com)
• Duqu, Stuxnet malware link unclear (infoworld.com)
• What Is Duqu Up To? (informationweek.com)
• Alert: Mobile Malware Threats Increase. (infospherebusinessalerts.blogspot.com)
• Hardcoded Password and Other Security Holes Found in Siemens Control Systems (wired.com)
• Microsoft defends against espionage virus (telegraph.co.uk)

Alert: Mobile Malware Threats Increase.

Share this ARTICLE with your colleagues on LinkedIn .

---

We are constantly concerned about viruses, worms, keystroke loggers, and all manner of malware on our computers. We usually take precautions by deploying anti-virus and anti-malware utilities to identify and neutralize these threats. We are accustomed to them, and so we are seldom taken by surprise. The anti-virus and anti-malware detection criteria are being dynamically updated by the hour.

With the integration of different types of media, such as tablets, mobile communications gear, Skype (VoIP), and the like into the Internet, our vulnerability to the threat of viruses and other debilitating malware extends automatically to these other media. These media are not only internet-dependent (and the internet is highly compromised in so many ways), but they represent new access routes through which malware cannot only be promulgated, but introduced.

With the increase in mobile device usage and dependence (everything from text messaging to surfing the net), it was only a matter of time before hackers, phishers, black-hat social engineers and identity thieves would focus their attentions upon these tools.

An article excerpt from ZDNet follows to provide you with further information about the nature and proliferation vectors of these threats. In the interim, I would urge extreme caution in integrating phone functions with data accessing functions, as well as heightened vigilance in securing these tools with passwords, and being very, very careful when downloading applications from any source.

The report follows:

Mobile malware: A clear and present danger

A group of Berkeley researchers take a long, hard look at mobile malware. What they found should interest you. Read more

---------------
Due to the growing nature of this threat, and our growing societal and business dependency on these mobile devices, InfoSphere Business Alerts will be keeping you posted with every significant update -- both in terms of the problem, and in terms of some suggested defense tools and strategies .

Douglas E Castle





Tweet

Related articles

• Son of Stuxnet Found in the Wild on Systems in Europe (wired.com)
• Virus Alert: Photos of Dead Gaddafi Spreading Malware (technorati.com)
• U.S. Drones Still Fly Despite Reported Virus Attack (ibtimes.com)
• How the M00p Malware Gang Was Brought Down (wired.com)
• Google Notices Will Warn Search Users of Malware (pcworld.com)
• Android Malware Found in Angry Birds Apps (wired.com)
• New Laws of Anti-Malware Technology #2: Malware Protection Capabilities Should Neither be Viewed Nor Designed as a "Stack" (sourcefire.com)
• Generic Polymorphic Malware (it-sideways.com)
• iPhone Accelerometer Could Spy on Computer Keystrokes (wired.com)
• Could Google Fast Flip Have Survived on Tablets? (mashable.com)
• A Look At The Size, Shape And Growing Threat Of Malware Networks [Infographic] (techcrunch.com)
• Mentos Creates The Negative Tweet Eliminator App (great-ads.blogspot.com)