Intelligent CISO Issue 44 | Page 49

eats a

T

The Nokia 2021 Threat Intelligence Report shows that banking malware threats are sharply increasing as cybercriminals target the rising popularity of mobile banking on smartphones , with plots aimed at stealing personal banking credentials and credit card information .
The report , based on data aggregated from network traffic monitored on more than 200 million devices globally where Nokia ’ s NetGuard Endpoint Security product is deployed , showed an 80 %, year-on-year increase in the first half of the year in the number of new banking trojans , which also try to steal SMS messages containing one-time passwords .
‘ A significant amount of this activity is focused in Europe and Latin America , but this activity is continuously spread to other regions of the world ’, according to the report . ‘ Banking trojans use a variety of tricks to collect the information . These include capturing keystrokes , overlaying bank login screens with their own transparent overlay relaying captured information to the intended target , taking screen snapshots and even accessing Google Authenticator codes ’.
Banking malware has been targeted mainly at Android phones . For years , this has been the most targeted mobile device type for cybercriminals due to Android ’ s ubiquity and developer openness , with some banking trojans among the most successful malware attacks in 2021 .
The Threat Intelligence Report says that most banking applications allow users to add a Multi-Factor Authentication feature to their accounts to make it more difficult for cybercriminals to obtain personal information . Users are strongly recommended to avoid mobile banking from easily accessible public Wi-Fi access points ; and to use both Multi- Factor Authentication when available and strong passwords , which avoid common personal details like birthdays .
The report also found that COVID-19 related malware incidents in residential networks have levelled off at 2.5 % after a peak in December 2020 of 3.2 %. This
FEATURE
demonstrates that people are more aware of the threats posed by COVID-related cyberattacks and are taking steps to secure their home working environment .
IoT botnets , a network of devices connected with malware , continue to grow in size and sophistication due to the rising use of IoT devices like ‘ smart ’ refrigerators and video surveillance cameras . One known as Mozi , which uses a peer-to-peer command and control protocol , has been used to create botnets consisting of around 500,000 individual devices . Mozi actively scans the network and uses a suite of known vulnerabilities to exploit additional IoT devices . IoT botnets are responsible for 32 % of the malware incidents detected by Nokia ’ s NetGuard Endpoint Security .
These stats call for action , and the Commission has acted to improve the cybersecurity of wireless devices available on the European market . As mobile phones , smart watches , fitness trackers and wireless toys are more and more present in our everyday life , cyberthreats pose a growing risk for every consumer . The delegated act to the Radio Equipment Directive aims to make sure that all wireless devices are safe before being sold on the EU market . This act lays down new legal requirements for cybersecurity safeguards , which manufacturers will have to take into account in the design and production of the concerned products . It will also protect citizens ’ privacy and personal data , prevent the risks of monetary fraud as well as ensure better resilience of our communication networks .
Margrethe Vestager , Executive Vice President for a Europe Fit for the Digital Age , said : “ You want your connected products to be secure otherwise how to rely on them for your business or private communication ? We are now making new legal obligations for safeguarding cybersecurity of electronic devices .”
Thierry Breton , Commissioner for the Internal Market , said : “ Cyberthreats evolve fast ; they are increasingly complex and adaptable . With the requirements we are introducing , we will www . intelligentciso . com
49