Mobile malware meets BYOD

BYOD sign with slash


Mobile malware is growing at an explosive rate, a trend that began in 2011 and continues to gain velocity – just as bring-your-own-device strategies are gaining greater acceptance in government offices. 

A new report from Alcatel-Lucent notes that infections of malicious software in mobile devices surged by 20 percent in 2013, and the tech communications company estimates that more than 11.6 million devices are infected at any given time. The majority of malware targets Android devices, which could be a serious concern for agencies as they open up their networks beyond the once-dominant Blackberry platform. 

It is particularly dangerous when it comes to introducing and facilitating advanced persistent threats on networks, the report notes. 

"The smartphone presents an excellent platform for advanced persistent threat and cyber espionage attacks against corporate and government networks," the report’s authors wrote. "Malware deployed on a smartphone can communicate 24/7 through the air with a remote [command and control] site, bypassing all corporate security measures." 

Government officials are working to keep up with the threat. The National Institute for Standards and Technology is drafting guidelines aimed at mobile security, and the National Security Agency regularly updates protection profiles to reflect the latest security threats, objectives and requirements. 

The NIST guidelines "basically are an outline of the requirements that are needed for mobile devices and mobile [operating systems] to make them sufficient in protecting enterprise data – in other words, to enable BYOD," NSA’s Mike Boyle said Jan. 30 at the Cyber Innovation Forum in Baltimore. "If you take a look at the protection profiles that the NSA has produced recently for mobile devices, we've started to incorporate requirements for hardware-rooted security to protect devices. It’s the first step along the way – and only the first step." 

Last summer, the Homeland Security Department issued an internal memo outlining threats to mobile devices specifically via Android, quoting a 2012 statistic that 79 percent of malware threats to mobile operating systems were on the Android platform. The Alcatel-Lucent study estimated that 60 percent of infected devices are Android, and a December report from IT security firm Kaspersky said that 98 percent of malware found in 2013 was directed at the Android platform.  

"Android is the world's most widely used mobile operating system and continues to be a primary target for malware attacks due to its market share and open source architecture," the DHS memo said. "The growing use of mobile devices by federal, state and local authorities makes it more important than ever to keep mobile [operating systems] patched and up-to-date." 

The memo warned of Trojan viruses delivered via SMS text messages, rootkit malwares that evade detection and log users’ locations, keystrokes and passwords, and fake Google Play domains, which serve as storefronts for apps, that lure users into downloading malware. Viruses also can be spread from infected desktops and laptops if a mobile device is connected through the USB port. 

"The threat isn't just growing in volume. We're seeing increased complexity too," the Kaspersky report said.  

Once in a network, mobile malware also can record audio and video and take pictures, making it a prime tool for corporate or government espionage. 

But according to Tony Sager, director of the SANS Institute, mobile malware is a different breed than its traditional predecessor – in a way that benefits the government.

"The good news is that it's not moving at the pace that desktops were 10 years ago," Sager said. "So we have a chance to escalate and move more quickly to get on top of these things."



About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group