Presented by Nokia

Overt Intelligence: The Rising Tide of Malware

The global pandemic hit every business, network, and individual, hard. It changed operational approaches, corporate structures, and working methodologies.

It also caused a surge in mobile malware infections with the average monthly infection rate increasing from 0.23% in February and March 2020 by almost 30% in the following months.

An escalation felt by security systems and organisations, one that was initially felt in the mobile arena but rapidly moved across to fixed broadband.

According to Naveed Kashif, Customer Experience (CX) for Southern Africa and the MTN Customer Business Team at Nokia, the spike was felt beyond mobile and fixed, and well into the Internet of Things (IoT) landscape with infections rising significantly during the year.

“This trend lines up with the growing number of IoT devices that are now connected to mobile networks,” he explains.

“It has become critical for individuals to recognise the risks, to protect their data, and to pay attention to their online behaviour. Many vulnerabilities exploited in 2020 were because of user error.”

When it comes to risk factors, however, the Nokia Threat Intelligence report highlighted two devices that are the most common targets – Android devices and PCs.

The former is responsible for 26.64% of infections across all platforms – down from 47.15% in 2019 thanks to improved security protocols – and still, a vulnerability when not properly protected. The PC was up from 35.9% of infections in 2019 to 38.92% in 2020, making it the team leader for risk when it comes to vulnerable platforms.

“The actual attack vectors have also evolved with a clear trend towards info-stealers and spyware,” says Kashif.

“These make up 35.75% of all Android infections, followed by Trojans as the malware of choice. These have jumped to 74% from only 34% in 2019, and this is largely due to the exceptional circumstances introduced by the pandemic. Phishing campaigns clearly became the best way to deliver malware straight to the user.”

The report found that many of the malware threats found in mobile and fixed networks had been created to achieve very specific goals.

They lacked sophistication but were effective enough to introduce problems to individuals and organisations. CoViper, a new wiper malware family, took advantage of the crisis by masquerading as a file related to the virus.

Once opened, it enters the infected system’s boot operation and rewrites the Master Boot Record. The ‘Coronavirus Maps’ Trojan, targeted the Windows platform by pretending to provide accurate information around deaths, infections, and transmissions. Another risk is COVIDLock Android Ransomware, another Trojan that claims to track the virus but instead is ransomware that locks the device until payment is made.

“Alongside the Trojans and ransomware, there were notable themed phishing attacks that took place over the year including Remcos RAT, PlugX, and HawkEye,” concludes Kashif.

“These malicious attacks focused on taking sensitive information and ransom, and they shared cyberspace with Kimsuky COVID-19, Anubis, Cerberus, and Gimp.”

As the world continues with revised approaches to work and business, it has become critical for organisations and individuals to take more careful measures when engaging with any content online.

To optimise security hygiene across the board, do not visit disreputable sites, only install applications from trusted app stores, install an up-to-date anti-virus, and do not open email attachments, especially if the email is unexpected. With these basic rules governing online behaviour, risk can be minimised, and the threats managed.

But, as always, they are not fool proof, so stay alert and make sure you are always aware of the threats, how they work, and how to protect your information.

Latest news

Partner Content


Share this article
Overt Intelligence: The Rising Tide of Malware