Nokia issued Monday its latest Threat Intelligence Report, revealing a new all-time high in mobile device malware infections, a sharp increase in compromised smartphones and major IoT device security vulnerabilities.
The latest report revealed a steady increase in mobile device infections throughout 2016, with malware striking 1.35 percent of all mobile devices in October – the highest level seen since reporting started in 2012. The report also revealed a surge of nearly 400 percent in smartphone malware attacks in 2016. Smartphones were the most-targeted devices in the second half of the year, accounting for 85 percent of all mobile device infections.
Issued twice a year, the Nokia Threat Intelligence Report examines general trends and statistics for infections in devices connected through mobile and fixed networks at the global level.
The Nokia Threat Intelligence Report reported that mobile device infection rate continues to climb. The overall infection rate increased 63 percent in the second half of 2016, compared to the first half of the year. The mobile device infection rate rose steadily throughout 2016, an all-time high level reaching 1.35 percent in October compared 1.06 percent in April 2016. This was the highest level recorded since the study started in 2012.
Smartphones were the top malware targets by far, accounting for 85 percent of all mobile device infections in the second half of 2016. Smartphone infections increased 83 percent during this period compared to the first half of the year (0.90 percent vs 0.49 percent), and increased nearly 400 percent in 2016.
In late 2016, the Mirai botnet assembled an army of compromised IoT devices to launch three of the largest DDoS attacks in history, including an assault that took down many high-profile web services. These attacks underscored the urgent requirement for more robust security capabilities to protect IoT devices from future attacks and exploitation.
The repoet also highlighted that malware seeks a bite out of Apple. Android-based devices continue to be the primary target for malware attacks (81 percent). However, iOS and other mobile devices were also targeted in the second half of the year (4 percent). Windows/PC systems accounted for 15 percent of malware infections in the second half of 2016, down from 22 percent in the first half of the year.
The monthly infection rate in residential fixed broadband networks averaged 10.7 percent in the second half of 2016, down from 12 percent in the first half, and down from 11 percent in late 2015. While moderate threat level adware activity decreased in the second half of 2016, high-level threats like bots, rootkits, keyloggers and banking Trojans) remained steady at approximately six percent.
The Nokia Threat Intelligence Report aggregates data from deployments of the Nokia NetGuard Endpoint Security (NES) network-based anti-malware solution. NES analyzes traffic patterns from within service provider networks for evidence of malware infections in more than 100 million devices, including mobile phones, laptops, notepads and a broad range of IoT devices.
NES is much more efficient than traditional antivirus software, as it cannot be disabled and protects mobile and fixed network devices without requiring any on-board security software. It enables service providers to deliver superior protection while providing valuable insights to better manage and maintain the security of their networks.
“The security of IoT devices has become a major concern. The Mirai botnet attacks last year demonstrated how thousands of unsecured IoT devices could easily be hijacked to launch crippling DDoS attacks,” said Kevin McNamee, head of the Nokia Threat Intelligence Lab. “As the number and types of IoT devices continue to proliferate, the risks will only increase. Nokia’s network-based security can help address this growing threat by detecting activity before a DDoS attack occurs, enabling service providers to take corrective actions that mitigate the impact.”