SlideShare ist ein Scribd-Unternehmen logo

Mobile Security Report 2009

F
findram

useful

1 von 7
Downloaden Sie, um offline zu lesen
Mobile Security Report 2009
Mobile Security Report 2009 Executive Summary The mobile industry is going through a period of unprecedented consolidation, both at the carrier level and among hardware and software vendors. Attempts to make the mobile ecosystem more user friendly have shown early signs of success. New players in evolving markets have successfully managed to close the gap with more developed markets, both in terms of the breadth of mobile service offerings and the range of devices available to subscribers. Methodology Regardless of international consolidation, however, there have been few innovations anywhere able to McAfee commissioned Informa Telecoms & Media (ITM) generate significant new revenue streams. Despite ongoing efforts to grow the market with new services to conduct an online survey in November and December and functionality, voice and data access remain the main revenue generators—though often with less 2008. ITM canvassed mobile device manufacturers for attractive returns than a few years ago. At the same time, barriers to entry have emerged that prevent their opinions on key aspects of mobile security. the development of new business models. An email invitation, guaranteeing anonymity to the One of these barriers is security. individuals participating in the survey, was sent to mobile handset manufacturers and the software and hardware Attacks on mobile networks and devices have grown in number and sophistication. This has had a component vendors that supply them. More than 30 negative impact on how market participants perceive the reliability of existing mobile security solutions. international mobile device manufacturers responded. This is particularly apparent in the areas of mobile payments and mobile commerce (m-commerce). In addition to completing the survey, participants were Devices, applications, and even networks are not sufficiently secured to allay users’ concerns. given the opportunity to participate in follow-up inter- views carried out by ITM. The purpose of the in-depth, For many respondents to our survey, device manufacturers are seen as being in the frontline when confidential interviews was to complement, verify, it comes to providing security. They are at the forefront of balancing control with innovation, a dynamic and expand on the survey results. that often determines the mobile ecosystem for as long as a complete lifecycle of a given device. This is why the McAfee Mobile Security Report 2009 is taking a closer look at manufacturers’ security This summary incorporates responses from both the experiences, their concerns and priorities, and their approach to the major security challenges that online questionnaire and the interviews. lie ahead of them in the near future. We hope you find the McAfee Mobile Security Report 2009 interesting and valuable. CONTENTS Victor Kouznetsov Senior Vice President , McAfee Mobile Security Executive Summary 1 Reality Check: The Situation Today 2 The Impact of Mobile Security Incidents 4 Focus Areas of Mobile Security Research 5 An Approach to Mobile Security 7 Summary and Outlook 9 McAfee Mobile Security Report 2009 1
Number of Devices Impacted by Security Incident Category < 10,000 10,000–1,000,000 > 1,000,000 60% “The growth of multimedia 50% applications coupled with 40% the opening of mobile 30% operating systems will be 20% the tipping point for mobile security issues.” 10% – Mobile Device Chipset Vendor 0% Voice or text spam attacks Network or service capacity issues Phishing attacks in any form Virus/spyware infections Third party application/content problems Privacy and regulatory issues Loss of user data from devices Denial of service attacks Reality Check: The Situation Today Source: Informa Telecoms & Media ©2009 Informa UK Ltd. Figure 3-2. The number of devices affected in each incident category Within the last 12 months, manufactures over the last 12 months; percentage For mobile device manufacturers and the software and hardware vendors of respondents. have reported increased security issues that supply them, malware and malicious content is only one of many mobile across all threat catagories. security issues that need to be dealt with. New threats, including those that compromise users’ data or privacy, have emerged, targeting widely supported services such as text messaging and even voice. Mobile Security Issues Reported, 2006 – 2008 At the same time, mobile hackers using traditional Development of Incidents More than 40 percent of vendors have experi- coding practices have developed an increased level enced all the types of security incidents listed Within the last 12 months, vendors have reported of sophistication. Throughout 2008, McAfee® in Figure 3-1 except domain name system (DNS) 60% increased security issues with third-party applica- Avert® Labs noticed a dramatic upswing in complex attacks. In addition to general security issues caus- tions and content. During this time, McAfee attacks targeting lower-level device functionality. ing network or service capacity problems on the 50% Avert Labs has seen a strong increase in the sharing Some of these have challenged the entire plat- carrier side, viruses and spyware as well as voice 40% and downloading of user-generated content and form security concept of several vendors. Early or text spam attacks have grown to considerable mobile applications in the developing markets of security threats from independent young hackers levels throughout 2008. 30% the Middle East and Asia. The vulnerabilities on have turned into sophisticated, profit-oriented 20% devices or networks created by applications with attacks driven by experienced criminals. There also Number of Devices Affected unintentional malicious code can be as severe continues to be a high level of threat of infections 10% as those deliberately created by mobile malware As voice and text services are supported by from existing malware variants as vulnerable device 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 0% hackers. Interviewees have repeatedly reported almost all mobile devices, voice or text spam attacks models have entered secondary life cycles. Figures cases of prematurely released applications causing have hit the greatest number of devices. Support- Network or service capacity issues Virus/spyware infections Voice or text spam attacks Third party application/content problems Loss of user data from devices Phishing attacks in any form Privacy and regulatory issues Denial of service attacks 3-1 and 3-2 illustrate manufacturers’ experiences severe network capacity issues, as well as crashed ing findings from Figure 3-1, security issues arising with the most common mobile security threats or locked devices. In some cases, hackers have from third-party applications and content have over a period of three years. been able to get unauthorized network access impacted a considerable number of devices. Phish- at the users’ expense. ing attacks and traditional problems with malware have also affected a surprisingly high number of Source: Informa Telecoms & Media Figure 3-1. The increase in security mobile devices in the past 12 months. ©2009 Informa UK Ltd. issues experienced by mobile device users from 2006 to 2008; percentage of respondents. 2 McAfee Mobile Security Report 2009 McAfee Mobile Security Report 2009 3
The Impact of Mobile Security Incidents Focus Areas of Mobile Security Research If security is not an integral part of mobile device and platform development, Results from interviews with manufacturers and component vendors enquiring security incidents can have dire consequences for vendors’ businesses. about their top mobile security concerns showed close alignment with findings Figure 4-1 shows participants’ experiences with mobile security issues and how from McAfee research conducted among mobile operators at the beginning these issues impacted internal functions and third-party developer relations. of 20071 and mobile consumers in early 2008 2. Problems in PC environments, which are now accessible by mobile devices, are now top-of-mind concerns among mobile device manufacturers, operators, and mobile users. Impact on Manufacturers’ Businesses Surprisingly, participants reported a very weak connection between increase of incidents and While mobile devices and services are still relatively third-party developer activity. In fact, most previous safe, individual incidents have already had a signif- security incidents have prompted device manu- icant impact on manufacturers’ businesses. Almost facturers to introduce platform security and limit half of participating vendors mentioned increased third-party applications to those vendors fulfilling costs for patching and fixing devices. More than stringent technical and liability conditions. This initi- a third suffered from negative public relations or ated a considerable decline in developer activity and other brand damage followed by loss of credibility innovation output, for example, for the Symbian and user satisfaction. Recent experiences with operating systems and other platforms—a trend releasing new mobile handset platforms, such as not reflected in Figure 4-1. Android, have demonstrated how costly, complex, “Testing applications is not and annoying it can be for manufacturers, carriers, and users to distribute security solutions and really our concern and it’s patches for devices out in the field. not our business to deal with those issues.” – Mobile Network Operator Manufacturer’s Business Areas Impacted Areas of Highest Mobile Security Concern Mobile Usage Areas with Highest Security Most Significantly by Mobile Security Incidents Concern for Manufacturers Concern about mobile banking and payments “ Wireless devices make use of security was mentioned most often by mobile de- vice manufacturing companies. Initially introduced precious resources as far as the 60% 90% for the fixed line world, financial transactions have communication infrastructure 50% traditionally been a high attack and concern area. 75% is concerned.” 40% Today, service providers, banks, and PC manu- 60% – Mobile Device Chipset Vendor 30% facturers recommend the installation of personal 45% protection products (often at no cost for the user.) 20% 30% But the situation is different in the mobile space. 10% While mobile banking services are growing rapidly 15% 48% 36% 32% 32% 32% 28% 24% 81% 69% 69% 66% 59% 59% 53% 44% 44% 41% 41% 28% 0% in developing countries, where other payment 0% methods are rare, mobile devices continue to Increased costs for patching/fixing devices Negativity in public relations or for brand Loss of revenues from services or device sales Loss of credibility or user satisfaction Increased customer care calls and enquiries Customer switching to competing manufacturer Reduced developers activity or content availability Payments and banking Installing applications External memory cards WiFi/Bluetooth connections Download of multimedia content Internet browsing Email messaging PC synchronization Geo-localization function Text messaging Voice-over-IP chat Voice and voicemail lack sufficient protection features. Source: Informa Telecoms & Media Figure 4-1. Significance of the per- Source: Informa Telecoms & Media Figure 5-1. The security concern ©2009 Informa UK Ltd. ©2009 Informa UK Ltd. ceived impact of previous security level for various mobile device incidents on manufacturers busi- functions. 1 McAfee Mobile Security Report 2007, Research among 200 mobile nesses; percentage of respondents. operators about their experiences with mobile security incidents. 2 McAfee Mobile Security Report 2008, Research among 2000 consumers in Japan, United Kingdom and United States about their mobile security 4 McAfee Mobile Security Report 2009 concerns on mobile devices and mobile services. McAfee Mobile Security Report 2009 5
Mobile Security Report 2009
Mobile Security Report 2009
Mobile Security Report 2009

Empfohlen

Mobilize With Cs Cs
Mobilize With Cs CsMobilize With Cs Cs
Mobilize With Cs Csfindram
 
Introduction to Mobile Marketing
Introduction to Mobile MarketingIntroduction to Mobile Marketing
Introduction to Mobile MarketingMike Craig
 
Metrinomics Global Consumer Survey 2010 - Mobile Market
Metrinomics Global Consumer Survey 2010 - Mobile MarketMetrinomics Global Consumer Survey 2010 - Mobile Market
Metrinomics Global Consumer Survey 2010 - Mobile MarketMetrinomics
 
Harnessing the Power of the Mobile Cloud
Harnessing the Power of the Mobile CloudHarnessing the Power of the Mobile Cloud
Harnessing the Power of the Mobile CloudAntenna Software
 
Incorporating Mobile Commerce in your Multi-Channel strategy
Incorporating Mobile Commerce in your Multi-Channel strategy Incorporating Mobile Commerce in your Multi-Channel strategy
Incorporating Mobile Commerce in your Multi-Channel strategy IBM Software India
 
Recycle for London "app" at NMA event
Recycle for London "app" at NMA eventRecycle for London "app" at NMA event
Recycle for London "app" at NMA eventJason Cross
 
Enterprise Mobility Guide 2011 from Sybase, an SAP Company
Enterprise Mobility Guide 2011 from Sybase, an SAP CompanyEnterprise Mobility Guide 2011 from Sybase, an SAP Company
Enterprise Mobility Guide 2011 from Sybase, an SAP CompanySybase, an SAP Company
 
MobileIron Deck
MobileIron DeckMobileIron Deck
MobileIron DeckJason Moser
 

Empfohlen

Mobilize With Cs Cs
Mobilize With Cs CsMobilize With Cs Cs
Mobilize With Cs Csfindram
 
Introduction to Mobile Marketing
Introduction to Mobile MarketingIntroduction to Mobile Marketing
Introduction to Mobile MarketingMike Craig
 
Metrinomics Global Consumer Survey 2010 - Mobile Market
Metrinomics Global Consumer Survey 2010 - Mobile MarketMetrinomics Global Consumer Survey 2010 - Mobile Market
Metrinomics Global Consumer Survey 2010 - Mobile MarketMetrinomics
 
Harnessing the Power of the Mobile Cloud
Harnessing the Power of the Mobile CloudHarnessing the Power of the Mobile Cloud
Harnessing the Power of the Mobile CloudAntenna Software
 
Incorporating Mobile Commerce in your Multi-Channel strategy
Incorporating Mobile Commerce in your Multi-Channel strategy Incorporating Mobile Commerce in your Multi-Channel strategy
Incorporating Mobile Commerce in your Multi-Channel strategy IBM Software India
 
Recycle for London "app" at NMA event
Recycle for London "app" at NMA eventRecycle for London "app" at NMA event
Recycle for London "app" at NMA eventJason Cross
 
Enterprise Mobility Guide 2011 from Sybase, an SAP Company
Enterprise Mobility Guide 2011 from Sybase, an SAP CompanyEnterprise Mobility Guide 2011 from Sybase, an SAP Company
Enterprise Mobility Guide 2011 from Sybase, an SAP CompanySybase, an SAP Company
 
MobileIron Deck
MobileIron DeckMobileIron Deck
MobileIron DeckJason Moser
 
Hot house istrategy_presentation_february_2012_original-1
Hot house istrategy_presentation_february_2012_original-1Hot house istrategy_presentation_february_2012_original-1
Hot house istrategy_presentation_february_2012_original-1iStrategy
 
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile SecurityDSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile SecurityAndris Soroka
 
A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...
A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...
A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...Antenna Software
 
Berney Final Communication Wednesday Prague Nov 09
Berney Final Communication Wednesday Prague Nov 09Berney Final Communication Wednesday Prague Nov 09
Berney Final Communication Wednesday Prague Nov 09TUESDAY Business Network
 
Inc pres (dma bristol apps) 24 jun11 v1.1
Inc pres (dma bristol apps) 24 jun11 v1.1Inc pres (dma bristol apps) 24 jun11 v1.1
Inc pres (dma bristol apps) 24 jun11 v1.1Jason Cross
 
Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...
Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...
Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...G3 Communications
 
BlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry
 
BCU Making Mobile Marketing Work Intro: Mark Brill
BCU Making Mobile Marketing Work Intro: Mark BrillBCU Making Mobile Marketing Work Intro: Mark Brill
BCU Making Mobile Marketing Work Intro: Mark Brillsamanthayep
 
Mobile - A path to win in china - For Download
Mobile - A path to win in china - For DownloadMobile - A path to win in china - For Download
Mobile - A path to win in china - For DownloadNuno Santos
 
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013Andris Soroka
 
Inc pres (dma bristol messaging) 24 jun11 v1.0
Inc pres (dma bristol messaging) 24 jun11 v1.0Inc pres (dma bristol messaging) 24 jun11 v1.0
Inc pres (dma bristol messaging) 24 jun11 v1.0Jason Cross
 
Mobile Megatrends 2010 (VisionMobile)
Mobile Megatrends 2010 (VisionMobile)Mobile Megatrends 2010 (VisionMobile)
Mobile Megatrends 2010 (VisionMobile)SlashData
 
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]kgbacdd
 
Growth with IBM Mobile Enterprise
Growth with IBM Mobile EnterpriseGrowth with IBM Mobile Enterprise
Growth with IBM Mobile EnterpriseIIC_Barcelona
 
Mobile Money Report
Mobile Money ReportMobile Money Report
Mobile Money ReportVikash Kumar
 
Mobile Megatrends 2008 (VisionMobile)
Mobile Megatrends 2008 (VisionMobile)Mobile Megatrends 2008 (VisionMobile)
Mobile Megatrends 2008 (VisionMobile)guest94da57
 
Value And Pricing Strategies For Mobile Operators
Value And Pricing Strategies For Mobile OperatorsValue And Pricing Strategies For Mobile Operators
Value And Pricing Strategies For Mobile OperatorsLoïc Le Corre
 
Finland and nokia case study analysis
Finland and nokia case study analysisFinland and nokia case study analysis
Finland and nokia case study analysismbaslides
 
Kelsey: Top 5 Mobile Trends
Kelsey: Top 5 Mobile TrendsKelsey: Top 5 Mobile Trends
Kelsey: Top 5 Mobile TrendsBen Allen
 
Mobile phone development ifi
Mobile phone development ifiMobile phone development ifi
Mobile phone development ifiDeepak Bijlwan
 
Why Managing Mobility Matters
Why Managing Mobility MattersWhy Managing Mobility Matters
Why Managing Mobility MattersDan Sharoni, MSTC, CSM
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012Icomm Technologies
 

Weitere ähnliche Inhalte

Was ist angesagt?

Hot house istrategy_presentation_february_2012_original-1
Hot house istrategy_presentation_february_2012_original-1Hot house istrategy_presentation_february_2012_original-1
Hot house istrategy_presentation_february_2012_original-1iStrategy
 
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile SecurityDSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile SecurityAndris Soroka
 
A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...
A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...
A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...Antenna Software
 
Berney Final Communication Wednesday Prague Nov 09
Berney Final Communication Wednesday Prague Nov 09Berney Final Communication Wednesday Prague Nov 09
Berney Final Communication Wednesday Prague Nov 09TUESDAY Business Network
 
Inc pres (dma bristol apps) 24 jun11 v1.1
Inc pres (dma bristol apps) 24 jun11 v1.1Inc pres (dma bristol apps) 24 jun11 v1.1
Inc pres (dma bristol apps) 24 jun11 v1.1Jason Cross
 
Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...
Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...
Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...G3 Communications
 
BlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry
 
BCU Making Mobile Marketing Work Intro: Mark Brill
BCU Making Mobile Marketing Work Intro: Mark BrillBCU Making Mobile Marketing Work Intro: Mark Brill
BCU Making Mobile Marketing Work Intro: Mark Brillsamanthayep
 
Mobile - A path to win in china - For Download
Mobile - A path to win in china - For DownloadMobile - A path to win in china - For Download
Mobile - A path to win in china - For DownloadNuno Santos
 
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013Andris Soroka
 
Inc pres (dma bristol messaging) 24 jun11 v1.0
Inc pres (dma bristol messaging) 24 jun11 v1.0Inc pres (dma bristol messaging) 24 jun11 v1.0
Inc pres (dma bristol messaging) 24 jun11 v1.0Jason Cross
 
Mobile Megatrends 2010 (VisionMobile)
Mobile Megatrends 2010 (VisionMobile)Mobile Megatrends 2010 (VisionMobile)
Mobile Megatrends 2010 (VisionMobile)SlashData
 
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]kgbacdd
 
Growth with IBM Mobile Enterprise
Growth with IBM Mobile EnterpriseGrowth with IBM Mobile Enterprise
Growth with IBM Mobile EnterpriseIIC_Barcelona
 
Mobile Money Report
Mobile Money ReportMobile Money Report
Mobile Money ReportVikash Kumar
 
Mobile Megatrends 2008 (VisionMobile)
Mobile Megatrends 2008 (VisionMobile)Mobile Megatrends 2008 (VisionMobile)
Mobile Megatrends 2008 (VisionMobile)guest94da57
 
Value And Pricing Strategies For Mobile Operators
Value And Pricing Strategies For Mobile OperatorsValue And Pricing Strategies For Mobile Operators
Value And Pricing Strategies For Mobile OperatorsLoïc Le Corre
 
Finland and nokia case study analysis
Finland and nokia case study analysisFinland and nokia case study analysis
Finland and nokia case study analysismbaslides
 
Kelsey: Top 5 Mobile Trends
Kelsey: Top 5 Mobile TrendsKelsey: Top 5 Mobile Trends
Kelsey: Top 5 Mobile TrendsBen Allen
 
Mobile phone development ifi
Mobile phone development ifiMobile phone development ifi
Mobile phone development ifiDeepak Bijlwan
 

Was ist angesagt? (20)

Hot house istrategy_presentation_february_2012_original-1
Hot house istrategy_presentation_february_2012_original-1Hot house istrategy_presentation_february_2012_original-1
Hot house istrategy_presentation_february_2012_original-1
 
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile SecurityDSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
 
A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...
A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...
A Platform for Mobile Enterprise Management: Build, Run and Manage Your Mobil...
 
Berney Final Communication Wednesday Prague Nov 09
Berney Final Communication Wednesday Prague Nov 09Berney Final Communication Wednesday Prague Nov 09
Berney Final Communication Wednesday Prague Nov 09
 
Inc pres (dma bristol apps) 24 jun11 v1.1
Inc pres (dma bristol apps) 24 jun11 v1.1Inc pres (dma bristol apps) 24 jun11 v1.1
Inc pres (dma bristol apps) 24 jun11 v1.1
 
Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...
Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...
Mobilizing The Shopping Experience: Tips for Building Relevant mCommerce Rela...
 
BlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT Expo
 
BCU Making Mobile Marketing Work Intro: Mark Brill
BCU Making Mobile Marketing Work Intro: Mark BrillBCU Making Mobile Marketing Work Intro: Mark Brill
BCU Making Mobile Marketing Work Intro: Mark Brill
 
Mobile - A path to win in china - For Download
Mobile - A path to win in china - For DownloadMobile - A path to win in china - For Download
Mobile - A path to win in china - For Download
 
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
 
Inc pres (dma bristol messaging) 24 jun11 v1.0
Inc pres (dma bristol messaging) 24 jun11 v1.0Inc pres (dma bristol messaging) 24 jun11 v1.0
Inc pres (dma bristol messaging) 24 jun11 v1.0
 
Mobile Megatrends 2010 (VisionMobile)
Mobile Megatrends 2010 (VisionMobile)Mobile Megatrends 2010 (VisionMobile)
Mobile Megatrends 2010 (VisionMobile)
 
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
 
Growth with IBM Mobile Enterprise
Growth with IBM Mobile EnterpriseGrowth with IBM Mobile Enterprise
Growth with IBM Mobile Enterprise
 
Mobile Money Report
Mobile Money ReportMobile Money Report
Mobile Money Report
 
Mobile Megatrends 2008 (VisionMobile)
Mobile Megatrends 2008 (VisionMobile)Mobile Megatrends 2008 (VisionMobile)
Mobile Megatrends 2008 (VisionMobile)
 
Value And Pricing Strategies For Mobile Operators
Value And Pricing Strategies For Mobile OperatorsValue And Pricing Strategies For Mobile Operators
Value And Pricing Strategies For Mobile Operators
 
Finland and nokia case study analysis
Finland and nokia case study analysisFinland and nokia case study analysis
Finland and nokia case study analysis
 
Kelsey: Top 5 Mobile Trends
Kelsey: Top 5 Mobile TrendsKelsey: Top 5 Mobile Trends
Kelsey: Top 5 Mobile Trends
 
Mobile phone development ifi
Mobile phone development ifiMobile phone development ifi
Mobile phone development ifi
 

Ähnlich wie Mobile Security Report 2009

Mojave Networks Webinar: A Three-Pronged Approach to Mobile Security
Mojave Networks Webinar: A Three-Pronged Approach to Mobile SecurityMojave Networks Webinar: A Three-Pronged Approach to Mobile Security
Mojave Networks Webinar: A Three-Pronged Approach to Mobile SecurityMojave Networks
 
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psNet motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psAccenture
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Unleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdfUnleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdfSecurityGen1
 
Strengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGenStrengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGenSecurityGen1
 
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceTelecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceSecurityGen1
 
Tech mahindra whitepaper modified mobile app store architecture with pro acti...
Tech mahindra whitepaper modified mobile app store architecture with pro acti...Tech mahindra whitepaper modified mobile app store architecture with pro acti...
Tech mahindra whitepaper modified mobile app store architecture with pro acti...anuragsinghal1981
 
Mobile App-Store Enhanced Architecture with Pro-active Security Control
Mobile App-Store Enhanced Architecture with Pro-active Security ControlMobile App-Store Enhanced Architecture with Pro-active Security Control
Mobile App-Store Enhanced Architecture with Pro-active Security ControlTech Mahindra
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01ijmnct
 
Security attacks taxonomy on
Security attacks taxonomy onSecurity attacks taxonomy on
Security attacks taxonomy onijmnct
 
Paper id 25201417
Paper id 25201417Paper id 25201417
Paper id 25201417IJRAT
 
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterpriseMbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterpriseSelectedPresentations
 
Actionable insights
Actionable insightsActionable insights
Actionable insightsTim Youm
 
151002_oml_mobile_device_management_v1p
151002_oml_mobile_device_management_v1p151002_oml_mobile_device_management_v1p
151002_oml_mobile_device_management_v1pStéphane Roule
 

Ähnlich wie Mobile Security Report 2009 (20)

Why Managing Mobility Matters
Why Managing Mobility MattersWhy Managing Mobility Matters
Why Managing Mobility Matters
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
Mojave Networks Webinar: A Three-Pronged Approach to Mobile Security
Mojave Networks Webinar: A Three-Pronged Approach to Mobile SecurityMojave Networks Webinar: A Three-Pronged Approach to Mobile Security
Mojave Networks Webinar: A Three-Pronged Approach to Mobile Security
 
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psNet motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Unleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdfUnleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdf
 
Strengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGenStrengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGen
 
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceTelecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
 
Tech mahindra whitepaper modified mobile app store architecture with pro acti...
Tech mahindra whitepaper modified mobile app store architecture with pro acti...Tech mahindra whitepaper modified mobile app store architecture with pro acti...
Tech mahindra whitepaper modified mobile app store architecture with pro acti...
 
Mobile App-Store Enhanced Architecture with Pro-active Security Control
Mobile App-Store Enhanced Architecture with Pro-active Security ControlMobile App-Store Enhanced Architecture with Pro-active Security Control
Mobile App-Store Enhanced Architecture with Pro-active Security Control
 
Securing mobile devices 1
Securing mobile devices 1Securing mobile devices 1
Securing mobile devices 1
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environment
 
An analysis of the security needs
An analysis of the security needsAn analysis of the security needs
An analysis of the security needs
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01
 
Security attacks taxonomy on
Security attacks taxonomy onSecurity attacks taxonomy on
Security attacks taxonomy on
 
Paper id 25201417
Paper id 25201417Paper id 25201417
Paper id 25201417
 
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterpriseMbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
 
Actionable insights
Actionable insightsActionable insights
Actionable insights
 
Mobile Application Security
Mobile Application Security Mobile Application Security
Mobile Application Security
 
151002_oml_mobile_device_management_v1p
151002_oml_mobile_device_management_v1p151002_oml_mobile_device_management_v1p
151002_oml_mobile_device_management_v1p
 

Mobile Security Report 2009

  • 2. Mobile Security Report 2009 Executive Summary The mobile industry is going through a period of unprecedented consolidation, both at the carrier level and among hardware and software vendors. Attempts to make the mobile ecosystem more user friendly have shown early signs of success. New players in evolving markets have successfully managed to close the gap with more developed markets, both in terms of the breadth of mobile service offerings and the range of devices available to subscribers. Methodology Regardless of international consolidation, however, there have been few innovations anywhere able to McAfee commissioned Informa Telecoms & Media (ITM) generate significant new revenue streams. Despite ongoing efforts to grow the market with new services to conduct an online survey in November and December and functionality, voice and data access remain the main revenue generators—though often with less 2008. ITM canvassed mobile device manufacturers for attractive returns than a few years ago. At the same time, barriers to entry have emerged that prevent their opinions on key aspects of mobile security. the development of new business models. An email invitation, guaranteeing anonymity to the One of these barriers is security. individuals participating in the survey, was sent to mobile handset manufacturers and the software and hardware Attacks on mobile networks and devices have grown in number and sophistication. This has had a component vendors that supply them. More than 30 negative impact on how market participants perceive the reliability of existing mobile security solutions. international mobile device manufacturers responded. This is particularly apparent in the areas of mobile payments and mobile commerce (m-commerce). In addition to completing the survey, participants were Devices, applications, and even networks are not sufficiently secured to allay users’ concerns. given the opportunity to participate in follow-up inter- views carried out by ITM. The purpose of the in-depth, For many respondents to our survey, device manufacturers are seen as being in the frontline when confidential interviews was to complement, verify, it comes to providing security. They are at the forefront of balancing control with innovation, a dynamic and expand on the survey results. that often determines the mobile ecosystem for as long as a complete lifecycle of a given device. This is why the McAfee Mobile Security Report 2009 is taking a closer look at manufacturers’ security This summary incorporates responses from both the experiences, their concerns and priorities, and their approach to the major security challenges that online questionnaire and the interviews. lie ahead of them in the near future. We hope you find the McAfee Mobile Security Report 2009 interesting and valuable. CONTENTS Victor Kouznetsov Senior Vice President , McAfee Mobile Security Executive Summary 1 Reality Check: The Situation Today 2 The Impact of Mobile Security Incidents 4 Focus Areas of Mobile Security Research 5 An Approach to Mobile Security 7 Summary and Outlook 9 McAfee Mobile Security Report 2009 1
  • 3. Number of Devices Impacted by Security Incident Category < 10,000 10,000–1,000,000 > 1,000,000 60% “The growth of multimedia 50% applications coupled with 40% the opening of mobile 30% operating systems will be 20% the tipping point for mobile security issues.” 10% – Mobile Device Chipset Vendor 0% Voice or text spam attacks Network or service capacity issues Phishing attacks in any form Virus/spyware infections Third party application/content problems Privacy and regulatory issues Loss of user data from devices Denial of service attacks Reality Check: The Situation Today Source: Informa Telecoms & Media ©2009 Informa UK Ltd. Figure 3-2. The number of devices affected in each incident category Within the last 12 months, manufactures over the last 12 months; percentage For mobile device manufacturers and the software and hardware vendors of respondents. have reported increased security issues that supply them, malware and malicious content is only one of many mobile across all threat catagories. security issues that need to be dealt with. New threats, including those that compromise users’ data or privacy, have emerged, targeting widely supported services such as text messaging and even voice. Mobile Security Issues Reported, 2006 – 2008 At the same time, mobile hackers using traditional Development of Incidents More than 40 percent of vendors have experi- coding practices have developed an increased level enced all the types of security incidents listed Within the last 12 months, vendors have reported of sophistication. Throughout 2008, McAfee® in Figure 3-1 except domain name system (DNS) 60% increased security issues with third-party applica- Avert® Labs noticed a dramatic upswing in complex attacks. In addition to general security issues caus- tions and content. During this time, McAfee attacks targeting lower-level device functionality. ing network or service capacity problems on the 50% Avert Labs has seen a strong increase in the sharing Some of these have challenged the entire plat- carrier side, viruses and spyware as well as voice 40% and downloading of user-generated content and form security concept of several vendors. Early or text spam attacks have grown to considerable mobile applications in the developing markets of security threats from independent young hackers levels throughout 2008. 30% the Middle East and Asia. The vulnerabilities on have turned into sophisticated, profit-oriented 20% devices or networks created by applications with attacks driven by experienced criminals. There also Number of Devices Affected unintentional malicious code can be as severe continues to be a high level of threat of infections 10% as those deliberately created by mobile malware As voice and text services are supported by from existing malware variants as vulnerable device 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 2008 2007 2006 0% hackers. Interviewees have repeatedly reported almost all mobile devices, voice or text spam attacks models have entered secondary life cycles. Figures cases of prematurely released applications causing have hit the greatest number of devices. Support- Network or service capacity issues Virus/spyware infections Voice or text spam attacks Third party application/content problems Loss of user data from devices Phishing attacks in any form Privacy and regulatory issues Denial of service attacks 3-1 and 3-2 illustrate manufacturers’ experiences severe network capacity issues, as well as crashed ing findings from Figure 3-1, security issues arising with the most common mobile security threats or locked devices. In some cases, hackers have from third-party applications and content have over a period of three years. been able to get unauthorized network access impacted a considerable number of devices. Phish- at the users’ expense. ing attacks and traditional problems with malware have also affected a surprisingly high number of Source: Informa Telecoms & Media Figure 3-1. The increase in security mobile devices in the past 12 months. ©2009 Informa UK Ltd. issues experienced by mobile device users from 2006 to 2008; percentage of respondents. 2 McAfee Mobile Security Report 2009 McAfee Mobile Security Report 2009 3
  • 4. The Impact of Mobile Security Incidents Focus Areas of Mobile Security Research If security is not an integral part of mobile device and platform development, Results from interviews with manufacturers and component vendors enquiring security incidents can have dire consequences for vendors’ businesses. about their top mobile security concerns showed close alignment with findings Figure 4-1 shows participants’ experiences with mobile security issues and how from McAfee research conducted among mobile operators at the beginning these issues impacted internal functions and third-party developer relations. of 20071 and mobile consumers in early 2008 2. Problems in PC environments, which are now accessible by mobile devices, are now top-of-mind concerns among mobile device manufacturers, operators, and mobile users. Impact on Manufacturers’ Businesses Surprisingly, participants reported a very weak connection between increase of incidents and While mobile devices and services are still relatively third-party developer activity. In fact, most previous safe, individual incidents have already had a signif- security incidents have prompted device manu- icant impact on manufacturers’ businesses. Almost facturers to introduce platform security and limit half of participating vendors mentioned increased third-party applications to those vendors fulfilling costs for patching and fixing devices. More than stringent technical and liability conditions. This initi- a third suffered from negative public relations or ated a considerable decline in developer activity and other brand damage followed by loss of credibility innovation output, for example, for the Symbian and user satisfaction. Recent experiences with operating systems and other platforms—a trend releasing new mobile handset platforms, such as not reflected in Figure 4-1. Android, have demonstrated how costly, complex, “Testing applications is not and annoying it can be for manufacturers, carriers, and users to distribute security solutions and really our concern and it’s patches for devices out in the field. not our business to deal with those issues.” – Mobile Network Operator Manufacturer’s Business Areas Impacted Areas of Highest Mobile Security Concern Mobile Usage Areas with Highest Security Most Significantly by Mobile Security Incidents Concern for Manufacturers Concern about mobile banking and payments “ Wireless devices make use of security was mentioned most often by mobile de- vice manufacturing companies. Initially introduced precious resources as far as the 60% 90% for the fixed line world, financial transactions have communication infrastructure 50% traditionally been a high attack and concern area. 75% is concerned.” 40% Today, service providers, banks, and PC manu- 60% – Mobile Device Chipset Vendor 30% facturers recommend the installation of personal 45% protection products (often at no cost for the user.) 20% 30% But the situation is different in the mobile space. 10% While mobile banking services are growing rapidly 15% 48% 36% 32% 32% 32% 28% 24% 81% 69% 69% 66% 59% 59% 53% 44% 44% 41% 41% 28% 0% in developing countries, where other payment 0% methods are rare, mobile devices continue to Increased costs for patching/fixing devices Negativity in public relations or for brand Loss of revenues from services or device sales Loss of credibility or user satisfaction Increased customer care calls and enquiries Customer switching to competing manufacturer Reduced developers activity or content availability Payments and banking Installing applications External memory cards WiFi/Bluetooth connections Download of multimedia content Internet browsing Email messaging PC synchronization Geo-localization function Text messaging Voice-over-IP chat Voice and voicemail lack sufficient protection features. Source: Informa Telecoms & Media Figure 4-1. Significance of the per- Source: Informa Telecoms & Media Figure 5-1. The security concern ©2009 Informa UK Ltd. ©2009 Informa UK Ltd. ceived impact of previous security level for various mobile device incidents on manufacturers busi- functions. 1 McAfee Mobile Security Report 2007, Research among 200 mobile nesses; percentage of respondents. operators about their experiences with mobile security incidents. 2 McAfee Mobile Security Report 2008, Research among 2000 consumers in Japan, United Kingdom and United States about their mobile security 4 McAfee Mobile Security Report 2009 concerns on mobile devices and mobile services. McAfee Mobile Security Report 2009 5