14 DAY TRIAL // The Hack in the Box conference has started today in Malaysia and before the speakers take the floor we rushed to the opportunity to talk to another industry expert who will soon share his experience with the world.
Jimmy Shah, a mobile security researcher at McAfee will speak at the conference about mobile malware, but in the meantime, we've asked him a couple of things about McAfee's latest products, future plans and we even brought up the controversial subject of tracking.
Softpedia: Recent reports show that most smartphone owners refuse to properly protect their devices against internet threats. Why do you think this is happening? How can they be convinced that there's a lot at stake?
Jimmy Shah: One can no longer look at smartphones and say there is no risk. In the past few years we've seen a rise in trojan horse programs, rootkits and botnets on multiple mobile platforms. Even if a platform is not as susceptible to installed malware as others, it's still at risk from vulnerability exploits (e.g. root, jailbreaking). There is also a rise in the amount of for-profit malware in the wild.
Developers are seeing many ways to make money on smartphones, but so are criminals. The people behind the Zeus and Spyeye crimeware kits have developed helper trojan apps for a number of major smartphone platforms. When they try to steal your bank account online, they don't want to be stopped in their tracks because they don't have a version of their mTAN(mobile Transaction Authorization Number) stealing trojan for your phone.
Softpedia: Another recent study presented by McAfee showed that automotive systems are becoming more vulnerable by the minute. Does the company plan any security solution that can be successfully deployed in these vehicles?
Jimmy Shah: The purpose of McAfee's report was to educate the public, so they are aware that these types of attacks are very much a potential threat.
Embedded systems generally have not had to consider security as they have not been network connected. As with PCs, the Internet eased communication issues but also opened up standalone systems to a multitude of attackers. We can take the lessons learned from defending PCs from attack and use them to both develop embedded systems more securely and to enable active security.
Softpedia: Figures show that the number of malware threats has hit the roof. Can the security industry keep up with the cybercriminals?
Jimmy Shah: It's true that malware figures on the PC are quite high, with millions of new samples seen monthly. In contrast, mobile malware is considerably smaller at 10s of samples a month. Currently evasion techniques used by mobile malware authors are not as complex as what we see on the PC side. This makes detection relatively straightforward and allows us to concentrate on implementing or adapting anti-malware techniques developed on PCs on smartphones.
Softpedia: A lot of mobile data stealing apps have hit the market. Can mobile security solutions prevent data theft?
Jimmy Shah: Most of the data stealing apps on the market are considered Potentially Unwanted Programs(PUP). This is a category that includes commercial spyware and adware. Non-commercial apps that steal data are considered malware. The difference is usually whether or not the app asks the user for permission.
We also offer Data Leakage Protection with email. By utilizing a protected/encrypted container on device, we can prevent confidential information from being copied to files on disk or sent over the Internet. This allows you to read your corporate email and not worry that copies of sensitive information are lying all over your smartphone.
It also makes it more difficult for data stealing apps to access your email.
Softpedia: I know that you are specialized in the analysis of threats on most of the mobile platforms. From your experience, can you tell which of them is more vulnerable and which is designed to offer the best protection to users?
Jimmy Shah: No single mobile platform is any more secure than any other. Certain platforms are open and allow easy installation of software from various and sometimes unauthorized sources. Others restrict installation to approved sources only, but are a constant target for users attempting to unlock their smartphones. This unlocking of the operating system inevitably results in bypassing the native security and can allow attackers to gain control of devices.
The best protection for users is to avoid suspicious sources of software and pirated software. Utilizing security software can also protect users by blocking bad apps, exploits and malicious web sites.
Softpedia: McAfee just released All Access, the industry's first full security offering for internet connected devices. Do you think that such a solution, that relieves users of the hassle of having multiple licenses, will make them better secure their smart devices?
Jimmy Shah: Cost is usually an issue when dealing with protecting all your devices.
In some cases, a user could spend hundreds of dollars to protect all of their computers and mobile devices with individual licenses. Never mind that keeping track of all licenses and which ones are active or need to be renewed can be a hassle.
McAfee All Access lets consumers just buy one license and be sure of protection on all their devices. The product is most useful for people and families that have desktop computers, smartphones, tablets, netbooks and other mobile devices. For one low price there is no longer a need to worry about whether you've got the right software or if your protection is up to date; you're computers and devices are all covered.
Softpedia: There's been a lot of controversy lately on the subject of user tracking in order to obtain demographic information. Does McAfee implement such tracking mechanisms to obtain threat related or any other type of information?
Jimmy Shah: A lot of the controversy in collecting data about users is due to software doing so without user permission or for nefarious purposes.
Collecting threat information on the other hand usually requires that a user be informed and to give their permission. McAfee gives users the option to provide us with samples of malware that targets their system.
Our SiteAdvisor technology, which presents the user with green, yellow, and red site ratings, utilizes information provided by users to help
This "community effect" helps to protect all of us.