- Mobile device malware infection rates increased steadily in 2016, reaching an all-time high
- Smartphones hit hardest: infections rose nearly 400 percent in 2016, and accounted for 85 percent of all mobile device infections in the second half of 2016
- Massive Distributed Denial of Service (DDoS) attacks revealed urgent need for improved Internet of Things (IoT) device security
27 March 2017
Espoo, Finland - Nokia today issued its latest Threat Intelligence Report, revealing a new all-time high in mobile device malware infections, a sharp increase in compromised smartphones and major IoT device security vulnerabilities.
Issued twice per year, the Nokia Threat Intelligence Report examines general trends and statistics for infections in devices connected through mobile and fixed networks around the world.
The latest report revealed a steady increase in mobile device infections throughout 2016, with malware striking 1.35 percent of all mobile devices in October - the highest level seen since reporting started in 2012. The report also revealed a surge of nearly 400 percent in smartphone malware attacks in 2016. Smartphones were the most-targeted devices in the second half of the year, accounting for 85 percent of all mobile device infections.
While Android(TM)-based smartphones and tablets continued to be the primary targets, reflecting the prevalence of the operating system worldwide, iOS-based devices also suffered attacks in the second half of the year, primarily by Spyphone surveillance software that tracks users' calls, text messages, social media applications, web searches, GPS locations and other activities.
The Threat Intelligence Report also exposed major vulnerabilities in the rapidly expanding universe of IoT devices, underscoring the need for the industry to re-evaluate its IoT deployment strategies to ensure these devices are securely configured, managed and monitored.
Kevin McNamee, head of the Nokia Threat Intelligence Lab, said: "The security of IoT devices has become a major concern. The Mirai botnet attacks last year demonstrated how thousands of unsecured IoT devices could easily be hijacked to launch crippling DDoS attacks. As the number and types of IoT devices continue to proliferate, the risks will only increase. Nokia's network-based security can help address this growing threat by detecting activity before a DDoS attack occurs, enabling service providers to take corrective actions that mitigate the impact."
Key findings of the latest Nokia Threat Intelligence Report include:
- Mobile device infection rate continues to climb: The overall infection rate increased 63 percent in the second half of 2016, compared to the first half of the year.
- New all-time high: The mobile device infection rate rose steadily throughout 2016, reaching 1.35 percent in October (vs. 1.06 percent in April 2016) - the highest level recorded since the study started in 2012.
- Smartphones the top target: Smartphones were the top malware targets by far, accounting for 85 percent of all mobile device infections in the second half of 2016. Smartphone infections increased 83 percent during this period compared to the first half of the year (0.90 percent vs 0.49 percent), and increased nearly 400 percent in 2016.
- Major IoT device vulnerabilities: In late 2016, the Mirai botnet assembled an army of compromised IoT devices to launch three of the largest DDoS attacks in history, including an assault that took down many high-profile web services. These attacks underscored the urgent requirement for more robust security capabilities to protect IoT devices from future attacks and exploitation.
- Malware seeks a bite out of Apple: Android-based devices continue to be the primary target for malware attacks (81 percent). However, iOS and other mobile devices were also targeted in the second half of the year (4 percent).
- Decrease in Windows/PC infections: Windows/PC systems accounted for 15 percent of malware infections in the second half of 2016, down from 22 percent in the first half of the year.
- Fixed network infections continue decline: The monthly infection rate in residential fixed broadband networks averaged 10.7 percent in the second half of 2016, down from 12 percent in the first half, and down from 11 percent in late 2015. While moderate threat level adware activity decreased in the second half of 2016, high-level threats (e.g., bots, rootkits, keyloggers and banking Trojans) remained steady at approximately six percent.
The Nokia Threat Intelligence Report aggregates data from deployments of the Nokia NetGuard Endpoint Security (NES) network-based anti-malware solution. NES analyzes traffic patterns from within service provider networks for evidence of malware infections in more than 100 million devices worldwide, including mobile phones, laptops, notepads and a broad range of IoT devices.
NES is much more efficient than traditional antivirus software, as it cannot be disabled and protects mobile and fixed network devices without requiring any on-board security software. It enables service providers to deliver superior protection while providing valuable insights to better manage and maintain the security of their networks.
Resources
- Website: Nokia NetGuard Endpoint Security