Mobile devices are the new frontier for botnets and DDoS attacks
Pop quiz: What has a dual or quad core processor, gigabytes of potentially sensitive data, and very fast Internet connectivity? The default answer is “a PC.” But, if you responded with “smartphone” or “tablet” you would also be correct—and that blurred distinction is not lost on cyber criminals.
The big difference between traditional PCs and mobile devices is that PCs are almost universally equipped with firewall protection and some sort of antimalware defense to guard against attacks, while mobile devices are often left defenseless. Users are conditioned to the constant threat of attack on PCs, but many fail to realize that a smartphone or tablet is just a smaller, more portable computer.
The bad guys realize it, though. Smartphones and tablets typically have 16GB or more of storage space. They have personal information like addresses, phone numbers, and birth dates. They are seamlessly integrated with email accounts, and social networks. They have apps tied in to banks and retailers. Smartphones and tablets are a potential goldmine of sensitive information.
The value of the mobile device doesn’t end there. The device itself is also a prime target. Unbeknownst to their owners, many mobile devices are part of malicious botnets. Most current mobile devices have 4G—or at least 3G—wireless connectivity. Attackers can use drive-by downloads and Trojan apps to compromise mobile devices and hijack them to use as a platform for distributed denial of service attacks.
With traditional PC and Internet threats, the attackers had to mature and evolve along with the technology. Viruses, worms, and other malware went from being nuisances propagated just for the sake of wreaking havoc and gaining notoriety to a highly organized, very lucrative business model. Over that same timeframe, security tools have been developed and refined, and users have been conditioned to be on guard for common threats.
Now the techniques developed, and lessons learned over years of attacking PCs are being applied to mobile devices and users are getting caught off guard.
The first step to protecting yourself is recognizing that a smartphone or tablet is a prime target for attackers. The second step is to make sure you have a reliable cross-device security tool in place that can guard your PCs and mobile devices.
Don’t just install security software and expect it to magically make you invulnerable, though. You must also take the time to understand and configure the security controls available on your mobile device. Set a passcode or access PIN. Encrypt the data.
Finally, make sure you apply the common sense lessons you’ve learned with your PC to your mobile devices as well. Don’t open unknown file attachments. Don’t click on suspicious links. Don’t download and install apps from shady sources. The right security and a little caution can help you avoid almost any threat.