Mobile device users worldwide faced a steadily growing number of malware threats throughout 2016. Smartphones were most at risk, accounting for 85 percent of total mobile malware infections globally in 2016’s second half, according to Nokia’s latest, bi-annual “Threat Intelligence Report.”
The annual total of mobile device malware infections reached a record high in 2016. October’s tally represented 1.35 percent of all mobile devices in October, the highest infection rate Nokia has recorded since it began tracking malware threats and infections in 2012.
Smartphone malware infections rose nearly 400 percent year-to-year in 2016, according to Nokia’s count. Reflective of their collective prevalence in markets worldwide, Android-based smartphones were the main target.
Similarly, Apple iPhones were popular targets in 2016’s second half, primarily by Spyphone surveillance software, which tracks users’ calls, text messages, social media applications, Web searches, GPS locations and other activities. The nature of Spyphone surveillance software and the data it collects raises the question of how widespread usage is, and just who exactly is using it.
Mobile Malware Infections
2016’s mobile device malware infections also highlighted the security vulnerability of the rapidly growing number of “Internet of Things” (IoT) devices and networks. The results emphasize the need for the industry to reassess IoT deployment strategies so as to better ensure the IoT is securely configured, managed and monitored, the report’s authors state.
“The security of IoT devices has become a major concern. The Mirai botnet attacks last year demonstrated how thousands of unsecured IoT devices could easily be hijacked to launch crippling DDoS attacks,” said Kevin McNamee, who leads the Nokia Threat Intelligence Lab.
“As the number and types of IoT devices continue to proliferate, the risks will only increase.”
Other key findings from the first of Nokia’s 2017 Threat Intelligence reports include:
- Mobile device infection rate continues to climb: The overall infection rate increased 63 percent in the second half of 2016, compared to the first half of the year.
- New all-time high: The mobile device infection rate rose steadily throughout 2016, reaching 1.35 percent in October (vs. 1.06 percent in April 2016) – the highest level recorded since the study started in 2012.
- Smartphones the top target: Smartphones were the top malware targets by far, accounting for 85 percent of all mobile device infections in the second half of 2016. Smartphone infections increased 83 percent during this period compared to the first half of the year (0.90 percent vs 0.49 percent), and increased nearly 400 percent in 2016.
- Major IoT device vulnerabilities: In late 2016, the Mirai botnet assembled an army of compromised IoT devices to launch three of the largest DDoS attacks in history, including an assault that took down many high-profile web services. These attacks underscored the urgent requirement for more robust security capabilities to protect IoT devices from future attacks and exploitation.
- Malware seeks a bite out of Apple: Android-based devices continue to be the primary target for malware attacks (81 percent). However, iOS and other mobile devices were also targeted in the second half of the year (4 percent).
- Decrease in Windows/PC infections: Windows/PC systems accounted for 15 percent of malware infections in the second half of 2016, down from 22 percent in the first half of the year.
- Fixed network infections continue decline: The monthly infection rate in residential fixed broadband networks averaged 10.7 percent in the second half of 2016, down from 12 percent in the first half, and down from 11 percent in late 2015. While moderate threat level adware activity decreased in the second half of 2016, high-level threats (e.g., bots, rootkits, keyloggers and banking Trojans) remained steady at approximately six percent.