On February 24, 2015, F-Secure released their “The State of Internet in India” report. F-Secure is an online security and privacy company from Finland. F-Secure have won ‘Best Protection’ award from AV-Test.org continuously for four years and their anti-malware solutions are trusted by millions worldwide.
Talking about the findings of their latest “The State of Internet in India” report, Pekka Usva, VP, Corporate Security, F-Secure, said, “Malware trends and the state of mobile threat landscape places cities like Delhi, Mumbai, Chandigarh, Hyderabad and Chennai straight as the focal point of the attackers. Despite the decline of Downadup/Conficker, infections like Sality, Ramnit and Virtob have continue to mark their presence in the Indian threat landscape over the period of last 3 years. 2014 has highlighted many threats and F-Secure has timely highlighted them to keep its existing and prospective users safe.”
The report “The State of Internet in India” highlights the trends in malware activities in India targeting the computer and mobile phone users. The report brings up some very shocking facts.
One thing that I witnessed at the event was how easy it is for someone to spy on you if you are accessing the internet using a free Wi-Fi access point. It doesn’t even require hacking. A maliciously planted free Wi-Fi access point connected with a computer that is running a special software can read the pertinent data of all the devices accessing the internet through that Wi-Fi network. That includes the last places where you accessed the internet like a mall, your office or home. And yes, that can also include your username and password. So if you just took advantage of a free Wi-Fi to watch a YouTube video, you might be paying the price of it by revealing a lot of your confidential information. This information of the places and websites you visit can be sold out to third parties. This is what happens most commonly. But if the ‘eavesdropper’ has acquired your username and password to some site, then they can use it for other more malicious purposes too.
Modi government is talking about spreading the internet connectivity all over India and more and more states are setting up the stage to provide free Wi-Fi at various places. Does that sound like a good news? Well, the malware mongers think so too. Just imagine the expanse of playground all types of malware are going to have in India once the internet connectivity spreads to even remote villages and when more and more cities make available free Wi-Fi.
The malware activity in India is already quite alarming. The scenario at major cities is even more troubling. As per F-Secure’s report, New Delhi is consistently being the top most target of hackers and malware mongers. Cities like Hyderabad, Chennai, Chandigarh and Mumbai are also prime targets. The mobile users of Mumbai, Delhi, Chandigarh, Chennai and Gurgaon are most targeted.
The most common type of malware targeting computer users are Botnet related. That is, the malware that hijacks your computer and uses it without your knowledge to spread more malware. This might include spam and even viruses of various kinds. The report also shows that more and more users in India are becoming target to banking related malware attacks. The “Ramnit” malware is most common among these. It is capable of stealing the usernames and passwords and it mostly spreads through removable USB storage devices.
The report also suggested that as Indian users move away from Microsoft XP, it is leading to decline in certain malware that used to exploit the unpatched vulnerabilities of XP computers.
If computers are vulnerable to malware attacks, the mobile phone are not secure either. As the use of smartphone increases, the threat of their abuse by hackers is increasing too. The most common type of malware that attack mobile devices are those that exploit the mobile phones to send premium SMS that can cost you a lot of money. The mobile malware can also target the mobile device to steal information like the API Key, Application ID, Carrier, Device Manufacturer, Device Model, GPS Location, Equipment Identity (IMEI) number, network operator, SDK version etc. All this might sound like harmless information, but it can be exploited in various ways.
If this sounds scary, then understand that the cyber threat scenario is only going to get scarier and scarier. But you don’t need to be helpless victim. Be safe, be guarded. Protect all your devices using strong anti-malware software. Yes, including your mobile devices. Don’t fall to the lure of paid applications and software being hawked for free from all sorts of malicious websites. Free content can end up being too expensive. And if you get any mails or messages offering you rewards and free stuff, DONT click on their links. Don’t download smartphone applications without first being sure of the permission they are seeking from you. Even apps looking as innocent as battery boosters can be malicious. And finally, don’t mess with your smartphonte’s security by rooting or jailbreaking them. Yes, doing this opens up the device for you to customize as you want. But it also makes the smart device more vulnerable to malware attack.
