|By Shelly Palmer||
|February 3, 2013 11:45 PM EST||
In the PC world, hacking, viruses and cybercrime started out fairly slowly, with pranks and viruses meant to causes a nuisance. Along the way, hackers learned how to use technology to steal real money and never be caught. Organized crime and hacker syndicates are now commonplace, and are training tomorrow’s cyber thieves. Cybercrime has surpassed drug trafficking as the most lucrative illegal business.
The Mobile Market is Ripe for Hackers
As we begin 2013, the number of mobile connected devices now exceeds the world population. Not only is it a much larger market, but one that contains a customer base that includes seniors and preteens, the favorite targets of savvy hackers. Mobile hacking is on the rise, but it has come close to hitting its stride. The number of mobile malware cases targeting Google’s Android platform went from 30,000 to 175,000 from the 2nd to 3rd quarters of 2012, according to recent report from Trend Micro.
The PC industry and its growth have spawned a new generation of tech savvy users… and the largest numbers of hackers ever to exist. Moving to mobile devices is the logical next step. As Billy the Kid famously answered when he was asked why he robbed banks: “That’s where the money is.”
Hacking mobile devices is certainly not new and good hackers don’t discriminate against any platforms or operating systems. There have already been well publicized hacks of celebrity cell phones as early as 2005. A teen famously hacked into Paris Hilton’s mobile device and revealed contacts and photos online. The same skills that might make good pranks or be the envy of friends are used for far more sinister and profitable attacks. The same teen was involved in the attack on the LexisNexis Group, exposing the personal information of more than 300,000 consumers.
The Mobile Device Makers Dirty Little Secret
Mobile manufacturers are making it easy for hackers to see everything you do. Because of the small form factor of these devices, manufacturers use a form fill feature that uses your keystrokes to determine what word you are typing. Its intentions are good in that it makes it easier for you to text, but it gives hackers access to EVERYTHING you have ever typed since you booted the phone.
They have, in essence, embedded a keylogger on every device. All your keystrokes are stored in an unencrypted cache file. All a hacker needs to do is write malware that accesses that cache and provides that data to them. If anyone is attending the RSA Security Conference in San Francisco on February 25-March 1 in San Francisco, StrikeForce Technologies will be showing how this is done at Booth 539.
Hackers can also design malware that seeks out certain words or phrases asking just the keystrokes that follow. They look for bank names (to steal your login/password credentials), your company’s VPN URL (for a potential data breach), retail sites (to steal your credit card information), as well as college application and student loan companies (to gain access to your personal and financial information).
Mobile malware has already been used for some of the world largest data breaches. FinFisher, Loozfon and Dougalek, are examples of mobile malware that have already had their day in the sun. FinFisher is a piece of spyware that hijacks your Android phone so it can be controlled remotely. It has used web links and SMS system update texts to infiltrate your device. Loozfon will steal your number and your address book. Dougalek is an SMS Trojan that led to one of the largest data breaches in history (according to Kaspersky Labs, SMS Trojans account for more than half of all mobile malware). When these types of malware are on your system, problems will follow.
Some may tell you that Apple iOS is more secure, but that isn’t necessarily true. Apple devices only run one application at a time, which makes it impossible (at this point) to run anti-malware in the background. It is true that the majority of hacks currently occur on Android devices, but that’s mainly because that’s where the larger number of users reside. In July 2012, malware was found for the first time in the IOS (Apple) App store.
The most common ways mobile malware infects your mobile devices is through app stores, phishing attacks/adware, SMS Trojans or root access malware. Google Play (Android App Store) and Apple App Store each have anti-virus programs that seek out infected files, but just as in the PC world, they are only effective against known malware. That still leaves the door wide open for zero day attacks, and any newly written malware (thousands are written every day). Malware can also be hidden inside popular applications.
There’s a Good Chance You’re Already Infected
Some reports indicate that 50 percent of mobile devices already have unpatched vulnerabilities. If your device is infected, it can be used to perpetrate friends, family, coworkers or breach your company’s VPN. Many of these malware programs include keyloggers that track every keystroke you make on your mobile keypad. They steal your credentials, personal information, login/password for banks, social media, VPN and have that information sent to them in forms of email SMS or even phone calls. Some malicious programs will just trigger your device to continuously call or text 866 or 900 numbers.
How Can I Tell if I’m Infected?
- Look for performance issues like slow responses or quirks you haven’t noticed before
- Lock up. Ransomware will lock your device and ask for money (or to click a link) to unlock it. When unlocking the device they often install keyloggers hitting you yet again.
- Watch your call history. Look for calls you don’t remember making
Mobile device hacking (and keylogging in particular) involves a wide range of crimes, including: identity theft, credit card fraud, data breaches and even physical theft (home robbery, abductions, and more). Imagine your teenage daughter is texting her friend, saying she is home alone, unaware that a keylogger is on her system. The criminal knows her address and that she is alone.
Even your photos are at risk. Actress Scarlett Johansson’s photos were stolen from her phone and posted online. Imagine what the result of a sexting incident posted online can do to someone’s reputation. A simple keylogger could ruin lives, cause terrible embarrassment, or get you fired from your job.
Download some sort of anti-virus software. Anti-virus vendors that make solutions for mobile include the usual suspects like Symantec, McAfee, Kaspersky, Lookout, Sophos, and Trend Micro, among others. Most experts agree that they do little to prevent malware on mobile devices. The entire premise of anti-malware is flawed because it only protects from the “known.” It’s akin to arresting criminals and assuming that will end crime. Although they are only marginally effective, it’s better than nothing.
Anti-malware software should be paired with keystroke encryption. StrikeForce Technologies’ MobileTrust solution provides keystroke encryption that encrypts all of your keystrokes, making it impossible for hackers (even zero day attacks) to steal your information (all hackers will see are 1234567890123456789 etc.). It also includes a password vault that stores all passwords in an encrypted database, a strong password generator enables users to create and store hard-to-crack passwords, two-factor authentication and an encrypted database.
Additional Tips to Potentially Prevent Malware
- Assume anything you type (or photograph you take) is visible to the world. Unless you have enabled keystroke encryption, don’t type anything you don’t want exposed.
- Disable the features of the phone you don’t use (less for hackers to work with)
- Check out application reviews and reliability before downloading
- Be cautious of any deals that sound too good to be true (watch the home based business scams)
- Be very careful about the types of geo-location apps you download
- If you are suspicious about a message from a friend, do not open it. Verify its origin (contact your friend) before proceeding.
- Don’t connect to unknown wireless networks
Remember, it’s up to YOU to protect yourself.
The Internet of Things (IoT), in all its myriad manifestations, has great potential. Much of that potential comes from the evolving data management and analytic (DMA) technologies and processes that allow us to gain insight from all of the IoT data that can be generated and gathered. This potential may never be met as those data sets are tied to specific industry verticals and single markets, with no clear way to use IoT data and sensor analytics to fulfill the hype being given the IoT today.
Oct. 26, 2016 07:30 AM EDT Reads: 2,800
@ThingsExpo has been named the Top 5 Most Influential M2M Brand by Onalytica in the ‘Machine to Machine: Top 100 Influencers and Brands.' Onalytica analyzed the online debate on M2M by looking at over 85,000 tweets to provide the most influential individuals and brands that drive the discussion. According to Onalytica the "analysis showed a very engaged community with a lot of interactive tweets. The M2M discussion seems to be more fragmented and driven by some of the major brands present in the...
Oct. 26, 2016 07:30 AM EDT Reads: 11,515
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Oct. 26, 2016 06:00 AM EDT Reads: 2,046
If you had a chance to enter on the ground level of the largest e-commerce market in the world – would you? China is the world’s most populated country with the second largest economy and the world’s fastest growing market. It is estimated that by 2018 the Chinese market will be reaching over $30 billion in gaming revenue alone. Admittedly for a foreign company, doing business in China can be challenging. Often changing laws, administrative regulations and the often inscrutable Chinese Interne...
Oct. 26, 2016 06:00 AM EDT Reads: 1,419
Enterprise IT has been in the era of Hybrid Cloud for some time now. But it seems most conversations about Hybrid are focused on integrating AWS, Microsoft Azure, or Google ECM into existing on-premises systems. Where is all the Private Cloud? What do technology providers need to do to make their offerings more compelling? How should enterprise IT executives and buyers define their focus, needs, and roadmap, and communicate that clearly to the providers?
Oct. 26, 2016 05:45 AM EDT Reads: 2,559
SYS-CON Events announced today that Streamlyzer will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Streamlyzer is a powerful analytics for video streaming service that enables video streaming providers to monitor and analyze QoE (Quality-of-Experience) from end-user devices in real time.
Oct. 26, 2016 05:30 AM EDT Reads: 1,045
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
Oct. 26, 2016 05:30 AM EDT Reads: 1,024
SYS-CON Events announced today that Pulzze Systems will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Pulzze Systems, Inc. provides infrastructure products for the Internet of Things to enable any connected device and system to carry out matched operations without programming. For more information, visit http://www.pulzzesystems.com.
Oct. 26, 2016 05:00 AM EDT Reads: 2,586
One of biggest questions about Big Data is “How do we harness all that information for business use quickly and effectively?” Geographic Information Systems (GIS) or spatial technology is about more than making maps, but adding critical context and meaning to data of all types, coming from all different channels – even sensors. In his session at @ThingsExpo, William (Bill) Meehan, director of utility solutions for Esri, will take a closer look at the current state of spatial technology and ar...
Oct. 26, 2016 04:30 AM EDT Reads: 1,763
Cloud based infrastructure deployment is becoming more and more appealing to customers, from Fortune 500 companies to SMEs due to its pay-as-you-go model. Enterprise storage vendors are able to reach out to these customers by integrating in cloud based deployments; this needs adaptability and interoperability of the products confirming to cloud standards such as OpenStack, CloudStack, or Azure. As compared to off the shelf commodity storage, enterprise storages by its reliability, high-availabil...
Oct. 26, 2016 04:30 AM EDT Reads: 1,195
The IoT industry is now at a crossroads, between the fast-paced innovation of technologies and the pending mass adoption by global enterprises. The complexity of combining rapidly evolving technologies and the need to establish practices for market acceleration pose a strong challenge to global enterprises as well as IoT vendors. In his session at @ThingsExpo, Clark Smith, senior product manager for Numerex, will discuss how Numerex, as an experienced, established IoT provider, has embraced a ...
Oct. 26, 2016 04:15 AM EDT Reads: 1,177
In past @ThingsExpo presentations, Joseph di Paolantonio has explored how various Internet of Things (IoT) and data management and analytics (DMA) solution spaces will come together as sensor analytics ecosystems. This year, in his session at @ThingsExpo, Joseph di Paolantonio from DataArchon, will be adding the numerous Transportation areas, from autonomous vehicles to “Uber for containers.” While IoT data in any one area of Transportation will have a huge impact in that area, combining sensor...
Oct. 26, 2016 03:45 AM EDT Reads: 1,033
In the next forty months – just over three years – businesses will undergo extraordinary changes. The exponential growth of digitization and machine learning will see a step function change in how businesses create value, satisfy customers, and outperform their competition. In the next forty months companies will take the actions that will see them get to the next level of the game called Capitalism. Or they won’t – game over. The winners of today and tomorrow think differently, follow different...
Oct. 26, 2016 02:30 AM EDT Reads: 1,067
“Media Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. CloudBerry Backup is a leading cross-platform cloud backup and disaster recovery solution integrated with major public cloud services, such as Amazon Web Services, Microsoft Azure and Google Cloud Platform.
Oct. 26, 2016 02:30 AM EDT Reads: 1,477
Ask someone to architect an Internet of Things (IoT) solution and you are guaranteed to see a reference to the cloud. This would lead you to believe that IoT requires the cloud to exist. However, there are many IoT use cases where the cloud is not feasible or desirable. In his session at @ThingsExpo, Dave McCarthy, Director of Products at Bsquare Corporation, will discuss the strategies that exist to extend intelligence directly to IoT devices and sensors, freeing them from the constraints of ...
Oct. 26, 2016 01:15 AM EDT Reads: 3,132
SYS-CON Events announced today that SoftNet Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. SoftNet Solutions specializes in Enterprise Solutions for Hadoop and Big Data. It offers customers the most open, robust, and value-conscious portfolio of solutions, services, and tools for the shortest route to success with Big Data. The unique differentiator is the ability to architect and ...
Oct. 26, 2016 12:00 AM EDT Reads: 1,056
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, will demonstrate how to move beyond today's coding paradigm ...
Oct. 26, 2016 12:00 AM EDT Reads: 3,895
Fifty billion connected devices and still no winning protocols standards. HTTP, WebSockets, MQTT, and CoAP seem to be leading in the IoT protocol race at the moment but many more protocols are getting introduced on a regular basis. Each protocol has its pros and cons depending on the nature of the communications. Does there really need to be only one protocol to rule them all? Of course not. In his session at @ThingsExpo, Chris Matthieu, co-founder and CTO of Octoblu, walk you through how Oct...
Oct. 26, 2016 12:00 AM EDT Reads: 3,195
A completely new computing platform is on the horizon. They’re called Microservers by some, ARM Servers by others, and sometimes even ARM-based Servers. No matter what you call them, Microservers will have a huge impact on the data center and on server computing in general. Although few people are familiar with Microservers today, their impact will be felt very soon. This is a new category of computing platform that is available today and is predicted to have triple-digit growth rates for some ...
Oct. 26, 2016 12:00 AM EDT Reads: 34,236
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, will discuss why and how ReadyTalk diverted from healthy revenue an...
Oct. 25, 2016 11:45 PM EDT Reads: 3,003