The different scenarios involved in the exchange of information allow the proliferation of threats of different kinds, so I share tips and applications for better performance in the protection of information.
by Osvaldo Callegari*
The use of mobile devices, such as smartphones and tablets, to meet personal and business connectivity needs is growing at an unprecedented rate. In Latin America, more and more people are using their mobile devices to surf the Internet.
With so many devices making their way, companies face a major security challenge as more and more users use their personal devices to access company services, view corporate data and conduct business. In addition, many of these computers are not controlled by the administrator, which means that important company data is not subject to compliance, security, and data loss prevention policies.
To complicate matters further, they are currently not isolated, but connect to a complete ecosystem that supports cloud or computer-based services.
The typical smartphone syncs with at least one public cloud-based service that is outside the administrator's control and many users sync their devices directly to their home computers to back up important data and settings. In both cases, key company data may be stored in various unsecured locations outside of your direct control.
A Symantec report that analyzed security on two of the most popular mobile platforms, Google's Android and Apple's iOS, found that in both cases the number of vulnerabilities and attacks targeting these platforms have increased in the last twelve months.
On the other hand, IDC estimates that by the end of the year, globally 1,000 million part-time or remote workers will be mobile from the main location of their company using some mobile device (laptop, Smartphone, tablets, etc.) to access the Internet.
But what can we do to make our mobile devices safer?
Here are some recommendations from Symantec:
* Do not alter the configuration of mobile devices to avoid vulnerabilities that can be exploited by attackers. Avoid "jail-breaking" breakage of configurations.
* Use apps from reputable, legitimate, and reliable vendors to download and install apps.
* In a practical way, in case of devices with Android system it is recommended to use a configuration that prevents the installation of applications that are not legitimate.
* Compare and review feedback from other users before deciding if an app is safe to download.
* During the installation of applications, check the permissions that are required to install it; if they seem excessive for the function that it has, it would be advisable not to install it.
* Use a security solution for mobile devices that verifies that the programs being downloaded are not malicious.
* Companies should consider implementing a mobile device management solution to ensure that those connecting to the network comply with the organization's security policies and are free of malware.
Malicious activity by country in Latin America
Context: This metric evaluates the countries in the Latin American region (LAM) where the greatest malicious activity occurs or originates. Malicious activity usually affects computers connected to the Internet over high-speed broadband because these connections are attractive targets for attackers as they provide greater capacity than other types of connection, higher speed, more constantly connected systems, and typically a more stable connection.
Symantec classifies malicious activities as follows:
Malicious Codes: These include viruses, worms, and Trojans that are secretly inserted into programs. The purposes of malicious code are to destroy data, run destructive programs or intruders, steal sensitive information, or compromise the security or integrity of data from the victim's computer.
Spam Zombies: These are compromised systems that are remotely controlled and used to send large volumes of junk or unsolicited e-mail messages. These messages can be used to provide malicious code and phishing attempts.
Phishing Hosts: A phishing host is a computer that hosts Web sites that attempt to illegally gather sensitive, personal, and financial information while appearing to be requesting this data from a trusted and known organization. These websites are designed to mimic the sites of legitimate businesses.
Computers infected with Bots: These are affected computers that are being remotely controlled by attackers. Typically, the remote attacker controls a large number of computers affected by a single, reliable channel in a botnet that is used to launch coordinated attacks. In most cases users are unaware that their computer is being used to launch attacks.
Sources of network attacks: It refers to the sources of attacks that are riginan from the Internet. For example, attacks can focus on SQL protocols or buffer overflow vulnerabilities.
Methodology
To determine malicious activity by country, Symantec has collected geographic data on numerous malicious activities, such as malicious code reports, spam zombies, phishing hosts, bot-infected computers, and the origin of network attacks. The proportion of each activity originating in each country within the region is then determined.
The average of the percentages of each malicious activity originating in each country is calculated and this average determines the proportion of all the activity originating in the country in question. The ranking is then determined by calculating the average of the proportion of malicious activities that originated in each country.
The action of a "Phisher"
According to Symantec, phishers or scammers are constantly looking for ways to violate access to cell phones to steal valuable information. There are two areas in which you can see the growing trend, the WAP protocol wireless application protocol and secondly the use of domains that are compromised and that have been registered by mobiles.
Many legitimate brands have designed their sites for mobile phones or WAP pages. The big difference between a wap page and a web page is that the wap must be reduced in size to fit the display of the phone, this has been done for greater compatibility with the installed browser and get the best browsing speed while users are on the go.
Symantec has detected phishing sites on web pages and monitored the trend. In July, social networks and information services contain sites related to insecure sites.
Phishing pages consist of simple forms that ask the user for their personal data, once they are made of that information they redirect them to sites of recognized companies, going unnoticed the scam. Generally, phishing sites are hosted on free servers.
The sites that commonly access mobile phones are those ending in .mobi, these sites are the favorites of phishers, the main objective of these gentlemen is to steal the identities of cell phones, contacts and email addresses.
It is more evident the attack on micro blogs and services of reduced pages or short names, widely used in cell phones.
Banking Trojans in Latin America
According to the analysis and research of ESET specialists, Latin America, Brazil, Colombia and Mexico are among the countries with the highest spread of malicious codes aimed at stealing banking information.
Banking Trojans, malicious codes aimed at illegitimately obtaining users' access credentials to online banking with the aim of stealing money from the user, are threats of high spread and local development in Latin America, according to the computer security company ESET.
"Among the techniques that banking Trojans use to obtain access data to all types of financial institutions can be mentioned the partial or total replacement of the entity's website, the sending of screenshots of the banking page (useful when the user uses virtual keyboards) or even the recording in video format of the user's actions while accessing the website," explained Federico Pacheco, Education and Research Manager at ESET Latin America.
The malware development industry in Latin America has been growing over the years and attacks have begun to be observed targeting users of numerous banking institutions in the region.
In first place is Brazil, the leading country in the spread of banking Trojans with 5.99% of the total, which means that 1 in 17 computers has received this threat so far this year. It is followed in second place by Colombia, with 2.30%, and then Mexico, which holds a third place with 1.73%.
The podium is completed by Ecuador (1.72%), Guatemala (1.50%), Chile (1.35%), Argentina (1.13%) and Peru (0.62%).
"The fact that the security measures used in the region are still more lax than in the rest of the world, coupled with legal delays in terms of prosecuting those responsible for this type of crime, are some of the factors influencing this growing development of banking Trojans in Latin America," Sebastián Bortnik, Awareness & Research Coordinator at ESET Latin America, told us.
Cybercrime or Cybercrime Map
According to what management information systems proposes, a fairly clear concept to define cybercrime or cybercrime. Cybercrime involves criminals with technical knowledge who, for various reasons, try to collapse the operation of a state by attacking, one by one or all at once, the economic, financial, industrial, communications and government operations pillars, either through technological infrastructure or information management.
On the other hand, it is clear that we now have organised crime using electronic means to carry out its criminal activities. These cybercriminals spoof credit cards, manipulate or alter information, access confidential information and steal bank accounts en masse, among other actions.
The names and trademarks mentioned are names and trademarks of their respective companies.
*Any concern or interest on the subject developed write to [email protected]
