{"id":77068,"date":"2015-05-26T17:22:26","date_gmt":"2015-05-26T21:22:26","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/"},"modified":"2021-08-08T17:20:07","modified_gmt":"2021-08-08T21:20:07","slug":"mobile-malware-fud","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/mobile-malware-fud\/","title":{"rendered":"Mobile Malware FUD?"},"content":{"rendered":"

\"Mobile<\/a>Just last week, I wondered out loud<\/a> from my Bach Seat<\/a><\/em> if all the hype around mobile malware<\/strong> was real or just more FUD<\/strong>. Looks like I am not alone, TechCo<\/a><\/em> recently asked a similar question, \u201cAre We Overstating the Threats from Mobile Devices?<\/a>\u201d<\/p>\n

\"mobileThe author cites several recent reports that back up the claim that the actual mobile threats<\/strong> that mobile devices introduce into the enterprise<\/strong> are overstated. The data indicates that the mobile malware threat is statistically small and has even decreased since 2012.<\/p>\n

\u2022 A McAfee<\/a><\/strong> report<\/a> shows out of all the malware now out there, only 1.9% of it is mobile malware. The author equates the mobile threat to 4\u00a0million \/ 195 million McAfee knows about.
\n\u2022 Another report<\/a>\u00a0(PDF) from\u00a0Verizon<\/a><\/strong> (VZ<\/a>)\u00a0shows even lower numbers, with only 0.03 percent of smartphones being infected with what is called \u201chigher grade malicious code<\/a>.\u201d
\n\"hit<\/a>\u2022 But some numbers go even lower than that. Damballa<\/a><\/strong>, a mobile security vendor that monitors roughly half of mobile data traffic, recently released a report<\/a> that claims you have a better chance of getting hit by lightning<\/strong> than by mobile malware.\u00a0Dramballa found only 9,688 smartphones out of more than 150 million showed signs of malware infection. If you do the math, that comes out to an infection rate of 0.0064 percent.<\/p>\n

Even more interesting is that despite the increase in mobile devices, Damballa found the infection rate had declined<\/strong> by half compared to 2012.<\/p>\n

\"Walled<\/a>These reports may show mobile threats aren\u2019t as big of a problem as previously thought, but the author asks, why the numbers are so low at all. After all, cybercriminals like to target new platforms and exploit security weaknesses. Why do they seem to be avoiding mobile devices?<\/p>\n

The truth of the matter is that mobile users tend to get their apps from high-quality app stores. The stores from\u00a0Google<\/a> <\/strong>(GOOG<\/a>) and\u00a0Apple<\/a><\/strong> (AAPL<\/a>)\u00a0work to filter out suspicious apps. If malware is found in apps after they\u2019ve already been on the market for a while, app stores can also execute a kill switch, which takes the app off the store and the devices where they were downloaded. This limits malware\u2019s ability to spread<\/strong>.<\/p>\n

\"remotely<\/a>The article concludes\u00a0that companies that adopt BYOD<\/a> should just ignore BYOD security; they just don\u2019t have to go all-out as many businesses have done. Most mobile security experts say a mobile device management<\/strong> system remains a good investment to make sure mobile devices are handled appropriately. MDM<\/a> systems also allow an organization to remotely wipe devices<\/strong>, thus keeping sensitive data safe in the event a device is lost or stolen. But malware really isn\u2019t a factor in those cases, so the overall message from these recent reports is that getting worked up over mobile threats is not necessary. A company can still gain all the benefits of BYOD without having to worry incessantly over what they\u2019re doing to protect every device that connects to their network.<\/p>\n

rb-<\/strong><\/p>\n

What do you think?<\/p>\n

\n\t
\n\t\t

<\/p>\n\t\t

<\/p>\n\t\t

Is mobile malware over-hyped FUD?<\/strong><\/p>