- Mobile device malware infection rates increased steadily in 2016, reaching an all-time high
- Smartphones hit hardest: infections rose nearly 400 percent in 2016, and accounted for 85 percent of all mobile device
infections in the second half of 2016
- Massive Distributed Denial of Service (DDoS) attacks revealed urgent need for improved Internet of Things (IoT) device
security
27 March 2017
Espoo, Finland - Nokia today issued its latest Threat Intelligence Report, revealing a new all-time high in mobile device malware
infections, a sharp increase in compromised smartphones and major IoT device security vulnerabilities.
Issued twice per year, the Nokia Threat Intelligence Report examines general trends and statistics for infections in devices
connected through mobile and fixed networks around the world.
The latest report revealed a steady increase in mobile device infections throughout 2016, with malware striking 1.35 percent of
all mobile devices in October - the highest level seen since reporting started in 2012. The report also revealed a surge of nearly
400 percent in smartphone malware attacks in 2016. Smartphones were the most-targeted devices in the second half of the year,
accounting for 85 percent of all mobile device infections.
While Android(TM)-based smartphones and tablets continued to be the primary targets, reflecting the prevalence of the operating
system worldwide, iOS-based devices also suffered attacks in the second half of the year, primarily by Spyphone surveillance
software that tracks users' calls, text messages, social media applications, web searches, GPS locations and other activities.
The Threat Intelligence Report also exposed major vulnerabilities in the rapidly expanding universe of IoT devices, underscoring
the need for the industry to re-evaluate its IoT deployment strategies to ensure these devices are securely configured, managed and
monitored.
Kevin McNamee, head of the Nokia Threat Intelligence Lab, said: "The security of IoT devices has become a major
concern. The Mirai botnet attacks last year demonstrated how thousands of unsecured IoT devices could easily be hijacked to launch
crippling DDoS attacks. As the number and types of IoT devices continue to proliferate, the risks will only increase. Nokia's
network-based security can help address this growing threat by detecting activity before a DDoS attack occurs, enabling service
providers to take corrective actions that mitigate the impact."
Key findings of the latest Nokia Threat Intelligence Report include:
- Mobile device infection rate continues to climb: The overall infection rate increased 63 percent in the second half of
2016, compared to the first half of the year.
- New all-time high: The mobile device infection rate rose steadily throughout 2016, reaching 1.35 percent in October
(vs. 1.06 percent in April 2016) - the highest level recorded since the study started in 2012.
- Smartphones the top target: Smartphones were the top malware targets by far, accounting for 85 percent of all mobile
device infections in the second half of 2016. Smartphone infections increased 83 percent during this period compared to the first
half of the year (0.90 percent vs 0.49 percent), and increased nearly 400 percent in 2016.
- Major IoT device vulnerabilities: In late 2016, the Mirai botnet assembled an army of compromised IoT devices to
launch three of the largest DDoS attacks in history, including an assault that took down many high-profile web services. These
attacks underscored the urgent requirement for more robust security capabilities to protect IoT devices from future attacks and
exploitation.
- Malware seeks a bite out of Apple: Android-based devices continue to be the primary target for malware attacks (81
percent). However, iOS and other mobile devices were also targeted in the second half of the year (4 percent).
- Decrease in Windows/PC infections: Windows/PC systems accounted for 15 percent of malware infections in the second
half of 2016, down from 22 percent in the first half of the year.
- Fixed network infections continue decline: The monthly infection rate in residential fixed broadband networks averaged
10.7 percent in the second half of 2016, down from 12 percent in the first half, and down from 11 percent in late 2015. While
moderate threat level adware activity decreased in the second half of 2016, high-level threats (e.g., bots, rootkits, keyloggers
and banking Trojans) remained steady at approximately six percent.
The Nokia Threat Intelligence Report aggregates data from deployments of the Nokia NetGuard Endpoint Security (NES) network-based anti-malware solution. NES analyzes traffic
patterns from within service provider networks for evidence of malware infections in more than 100 million devices worldwide,
including mobile phones, laptops, notepads and a broad range of IoT devices.
NES is much more efficient than traditional antivirus software, as it cannot be disabled and protects mobile and fixed network
devices without requiring any on-board security software. It enables service providers to deliver superior protection while
providing valuable insights to better manage and maintain the security of their networks.
Resources
Connect with Nokia:
About the Nokia Threat Intelligence Lab
The Nokia Threat Intelligence Lab focuses on the behavior of malware network communications to develop detection rules that
identify infections based on command and control communication and other network behavior. This approach enables the detection of
malware in the service provider's network, and the detection rules developed form the foundation of Nokia's NetGuard product
suite.
About Nokia
Nokia is a global leader innovating the technologies at the heart of our connected world. Powered by the research and innovation of
Nokia Bell Labs, we serve communications service providers, governments, large enterprises and consumers, with the industry's most
complete, end-to-end portfolio of products, services and licensing.
From the enabling infrastructure for 5G and the Internet of Things, to emerging applications in virtual reality and digital
health, we are shaping the future of technology to transform the human experience. www.nokia.com
Android is a trademark of Google Inc.; IOS is a trademark or registered trademark of Cisco in the U.S. and other countries;
Apple is a trademark of Apple Inc., registered in the U.S. and other countries.
Media Enquiries:
Nokia
Communications
Phone: +358 10 448 4900
Email: press.services@nokia.com