DOROS HADJIZENONOS, Country Manager of Check Point South Africa, explores why mobile ransomware has become the biggest mobile security threat, and how users can guard against it.
Imitation is a quick way to learn, which is why mobile malware is evolving so rapidly – it frequently imitates attack behaviours and trends that were first trialled and proven to work in the PC world. Mobile ransomware is following this path, with the aim of replicating the success that PC-based ransomware has had in extorting money from individuals and organisations. So it’s no surprise that the number of mobile ransomware variants detected in Q1 2016 grew 45% compared with Q4 2015.
Like its cousins that target PCs, mobile ransomware has become more complex and malicious in the way it works, too. The first mobile ransomware types were ‘screen blockers’, which displayed prominent alerts and made normal interaction with the screen impossible – similar to lock-screen PC ransomware. First seen in 2013, the malware posed as anti-virus software and informed victims their device was infected, demanding they purchased a full version of the software to ‘disinfect’ the device and make it usable again.
In 2014 the first mobile ransomware which encrypts files was detected, again following the success of Windows cryptolocker-style malware. The most recent mobile ransomware type is the Pin locker, which emerged in 2015. One example, called PornDroid, pretends to be a porn player, and tricks the user into granting it Admin privileges. Once it has these, the malware changes users’ Pin codes, locking them out of their devices and displaying a ransom message. We conducted a detailed investigation into how this type of ransomware worked, and we found one variant had infected tens of thousands of devices, with some victims paying $200 to $500 to unlock their data and regain control of the device.
The device divide
While mobile ransomware currently targets Android devices almost exclusively – largely because iOS devices need to be jailbroken in order to download apps from sources other than Apple’s App Store, making them harder to infect – there has been a case in which iOS users were extorted. In 2015, attackers exploited stolen credentials to log into users’ iCloud accounts and remotely locked their devices, and demand ransoms to release them. And in March 2016, the first ransomware targeting Apple Macs, KeRanger, was discovered, so we should expect to see ransomware targeting iOS devices soon.
Check your privilege
Currently, mobile ransomware focuses on locking users out of the device, because the mobile operating systems do not allow malware to access all the device’s areas of memory or storage. However, the privilege escalation exploits referenced earlier point clearly to the next step in ransomware evolution, using techniques to gain ‘root’ privileges on the device which effectively give the criminal complete control of the infected phone or tablet.
Most methods for rooting the device rely on exploiting vulnerabilities either in the OS, the hardware, or individual applications. Unfortunately, these vulnerabilities are widespread: over the past 6 months, over half of Android patches released by Google are for securing devices against privilege escalation exploits – so we can expect to see more ransomware targeting these flaws to gain elevated privileges over the next year.
How can I protect my devices?
The most fundamental principle of mobile device security is never to root or jailbreak your phone – in other words, to avoid deliberate privilege escalations that could then leave you open to malicious ones that may harbour ransomware. A robust security solution should also be applied. Enterprises should select a mobile device management (MDM) solution – but all MDMs are not equal. Some are able to identify when a phone has been deliberately rooted by a user, but not when it has been rooted by malware – and some more advanced malware can disguise itself against such inspection.
A more effective approach is to quarantine and inspect any suspicious apps or attachments in the cloud, before downloading them to the device. This blocks the main vector for privilege escalation, which is from rogue apps.
The mobile threat prevention solution should use a number of components working together to respond to the most common mobile attack vectors. Devices must be continually analyzed to uncover system vulnerabilities and unusual behaviour. Monitoring configuration and behaviour analysis can help identify root access attempts as outlined above. And any downloaded apps must be inspected for the unique binary signatures for known malware; they should also be captured and reverse-engineered for code-flow analysis to expose suspicious behaviour.
And don’t overlook simple steps such as regularly backing-up data on your device so that if the worst does happen, you can recover your files without having to pay.
Help! I’ve already been infected
Unfortunately, there may be little you can do, which is why it’s important to perform regular backups of the data stored on your mobile device. You should certainly avoid paying any ransom, and take your device to a mobile security specialist rather than attempting to decrypt it yourself. But ultimately, when it comes to mobile ransomware, prevention is by far the best protection.
IoT sensors are anything from doctor to canary in mines
Industrial IoT is changing the shape of the mining industry and the intelligence of the devices that drive it
The Internet of Things (IoT) has become many things in the mining industry. A canary that uses sensors to monitor underground air quality, a medic that monitors healthcare, a security guard that’s constantly on guard, and underground mobile vehicle control. It has evolved from the simple connectivity of essential sensors to devices into an ecosystem of indispensable tools and solutions that redefine how mining manages people, productivity and compliance. According to Karien Bornheim, CEO of Footprint Africa Business Solutions (FABS), IoT offers an integrated business solution that can deliver long-term, strategic benefits to the mining industry.
“To fully harness the business potential of IoT, the mining sector has to understand precisely how it can add value,” she adds. “IoT needs to be implemented across the entire value chain in order to deliver fully optimised, relevant and turnkey operational solutions. It doesn’t matter how large the project is, or how complex, what matters is that it is done in line with business strategy and with a clear focus.”
Over the past few years, mining organisations have deployed emerging technologies to help bolster flagging profits, manage increasingly weighty compliance requirements, and reduce overheads. These technologies are finding a foothold in an industry that faces far more complexities around employee wellbeing and safety than many others, and that juggles numerous moving parts to achieve output and performance on a par with competitive standards. Already, these technologies have allowed mines to fundamentally change worker safety protocols and improve working conditions. They have also provided mining companies with the ability to embed solutions into legacy platforms, allowing for sensors and IoT to pull them into a connected net that delivers results.
“The key to achieving results with any IoT or technology project is to partner with service providers, not just shove solutions into identified gaps,” says Bornheim. “You need to start in the conceptual stage and move through the pre-feasibility and bankable feasibility stages before you start the implementation. Work with trained and qualified chemical, metallurgical, mechanical, electrical, instrumentation and structural engineers that form a team led by a qualified engineering lead with experience in project management. This is the only way to ensure that every aspect of the project is aligned with the industry and its highly demanding specifications.”
Mining not only has complexities in compliance and health and safety, but the market has become saturated, difficult and mercurial. For organisations to thrive, they must find new revenue streams and innovate the ways in which they do business. This is where the data delivered by IoT sensors and devices can really transform the bottom line. If translated, analysed and used correctly, the data can provide insights that allow for the executive to make informed decisions about sites, investment and potential.
“The cross-pollination of different data sets from across different sites can help shift dynamics in plant operation and maintenance, in the execution of specific tasks, and so much more,” says Bornheim. “In addition, with sensors and connected devices and systems, mining operations can be managed intelligently to ensure the best results from equipment and people.”
The connection of the physical world to the digital is not new. Many of the applications currently being used or presented to the mining industry are not new either. What’s new is how these solutions are being implemented and the ways in which they are defined. It’s more than sticking on sensors. It’s using these sensors to streamline business across buildings, roads, vehicles, equipment, and sites. These sensors and the ways in which they are used or where they are installed can be customised to suit specific business requirements.
“With qualified electronic engineers and software experts, you can design a vast array of solutions to meet the real needs of your business,” says Bornheim. “Our engineers can programme, create, migrate and integrate embedded IoT solutions for microcontrollers, sensors, and processors. They can also develop intuitive dashboards and human-machine interfaces for IoT and machine-to-machine (M2M) devices to manage the input and output of a wide range of functionalities.”
The benefits of IoT lie in its ubiquity. It can be used in tandem with artificial intelligence or machine learning systems to enhance analytics, improve the automation of basic processes and monitor systems and equipment for faults. It can be used alongside M2M applications to enhance the results and the outcomes of the systems and their roles. And it can be used to improve collaboration and communication between man, machine and mine.
“You can use IoT platforms to visualise mission-critical data for device monitoring, remote control, alerts, security management, health and safety and healthcare,” concludes Bornheim. “The sky is genuinely the limit, especially now that the cost of sensors has come down and the intelligence of solutions and applications has gone up. From real-time insights to hands-on security and safety alerts to data that changes business direction and focus, IoT brings a myriad of benefits to the table.”
Oracle leads in clash of
Three e-commerce platforms have been awarded “gold medals” for leading the way in customer experience. SoftwareReviews, a division of Info-Tech Research Group, named Oracle Commerce Cloud the leader in its 2020 eCommerce Data Quadrant Awards, followed by Shopify Plus and IBM Digital Commerce. The awards are based on user reviews.
The three vendors received the following citations:
- Oracle Commerce Cloud ranked highest among software users, earning the number-one spot in many of the product feature section areas, shining brightest in reporting and analytics, predictive recommendations, order management, and integrated search.
- Shopify Plus performed consistently well according to users, taking the number-one spot for catalogue management, shopping cart management and ease of customisation.
- IBM Digital Commerce did exceptionally well in business value created, quality of features, and vendor support.
The SoftwareReviews Data Quadrant differentiates itself with insightful survey questions, backed by 22 years of research in IT. The study involves gathering intelligence on user satisfaction with both product features and experience with the vendor. When distilled, the customer’s experience is shaped by both the software interface and relationship with the vendor. Evaluating enterprise software along these two dimensions provides a comprehensive understanding of the product in its entirety and helps identify vendors that can deliver on both for the complete software experience.
“Our recent Data Quadrant in e-commerce solutions provides a compelling snapshot of the most popular enterprise-ready players, and can help you make an informed, data-driven selection of an e-commerce platform that will exceed your expectations,” says Ben Dickie, research director at Info-Tech Research Group.
“Having a dedicated e-commerce platform is where the rubber hits the road in transacting with your customers through digital channels. These platforms provide an indispensable array of features, from product catalog and cart management to payment processing to detailed transaction analytics.”