Mobile malware threatens PH, SEA

As the remote work setup continues in the pandemic, mobile malware plagues businesses in the Philippines and the rest of Southeast Asia(SEA), according to the latest report of cybersecurity firm, Kaspersky.

Mobile malware is malicious software infecting mobile devices - handsets, tablets and other smart gadgets.

Overall, the Philippines ranked 3rd in SEA with the most blocked mobile malware in 2020 with 55,622 attempts and currently logged 22,248 combined attacks in Q1 and Q2 of 2021.

In the first half of 2021 alone, Kaspersky foiled over 2,000 mobile malware per day in SEA.

Kaspersky detected and blocked 382,578 mobile attacks against users in SEA during the first half of 2021.

This is a 14% increase compared with the same period last year with 336,680 incidents.

While working virtually keeps the population safer physically, it opens vulnerabilities against enterprises.

Even though the Bring Your Own Device (BYOD) has been a trend before the pandemic, its use has increased exponentially since 2020 as companies adapted their IT infrastructure for business continuity.

This, in turn, increased employee’s role in a company’s network security.

A survey done by Kaspersky last year revealed that a little more than two-thirds of respondents are using a personal device to work from home.

Aside from this, employees are also using their work gadgets for personal activities such as watching video and educational content, reading news, and playing video games.

Most interestingly, 33% of the 6,017 employees surveyed worldwide last year admitted to using their office devices to watch adult content, a type of content often targeted by cybercriminals.

“Laptops are the main workhorse but mobile devices have also been used to access office emails and work-related systems even before the pandemic," says Yeo Siang Tiong, General Manager for Southeast Asia.

"It is a risky but a known practice that the same handsets are also being used for personal tasks and accessing guilty pleasures," he noted.

"With this trend being more rampant in a virtual home office, companies should revisit their policies, access rights, and security set-up to block cybercriminals from entering their enterprise network through infected smartphones,” the GM warned.

While mobile malware hasn't quite caught up to its PC counterpart in terms of volume or complexity, experts are seeing more mobile-specific malware designed to prey on smartphone features or tablet vulnerabilities.

In the continuing era of remote work, a mobile malware can steal an individual's personal data and be a launchpad for a targeted attack against a user’s employer.

Since 2020, Kaspersky’s telemetry has been monitoring and blocking no less than a hundred thousand mobile malware attacks in SEA per quarter.

The first three months of 2021 logged the highest number since last year with 205,995 detected incidents.

Common mobile threats in SEA include Trojans – malicious programs that perform actions which are not authorized by the user.

They delete, block, modify or copy data, and disrupt the performance of computers or computer networks.

On the other hand, the Trojan-Downloader installs new versions of malicious programs, including Trojans and AdWare on victim computers.

Once downloaded from the Internet, the programs are launched or included on a list of programs which will run automatically when the operating system boots up.

Trojan-Droppers are also common. These secretly install malicious programs built into their code to victim’s computers.

The malicious program usually saves a range of files to the victim’s drive, and launches them without any notification (or with fake notification of an archive error, an outdated operating system version, etc.).

“Both employees and CIOs in the region are embracing the current remote work and the future hybrid environment. It has its perks but its cybersecurity loopholes should be taken considerably,"Yeo syressed.

"BYOD is here to stay and companies should beef up their defenses. It is important to train their employees, keep them informed about latest threats online, and provide them with tools such as encrypted devices, endpoint protections and VPN," he advised.

"Most importantly, build a culture of trust and shared responsibility towards enterprise security,” Yeo concluded.