Hackers working for nation states engaged in cyberespionage have written some of the most sophisticated malware ever discovered in a computer. So future advancements in mobile malware is just as likely to come from a government lab as a cybercriminal's hideout.The rapid shift from PCs to smartphones and tablets is behind the steady increase in criminal malware seen by anti-virus vendors over the last several years. Beneath all that activity, nation states are assumed to be working hard on their own software.
The next big threat
In a talk this month, Andrew Lee, chief executive at AV vendor ESET, told attendees at the Virus Bulletin conference in Berlin that we already know governments are asking vendors for backdoors into their commercial software and ways to crack encryption systems.
But with so little security on the majority of smartphones and tablets today, governments are not expected to rely so heavily on tech providers in the mobile world.
"Why not just break the endpoint?" Lee said. "And that's what's happened. The government is getting into the malware business. The next big thing will be malware on mobile devices."
Typically, state-sponsored cyberattacks are focused on specific targets, such as a defense contractor, government agency or a think tank that advises the military. But that doesn't mean the rest of us are safe.
Government helping hackers
Tim Rains, director of Microsoft's Trustworthy Computing initiative, points out that government-built malware for military or economic espionage often helps criminals.
"The barriers to entry for criminals to leverage highly sophisticated techniques in their attacks are lowered each time the malware and vulnerabilities that highly skilled professionals develop and use, are discovered," Rains says. "This is likely to amplify the unintended consequences of espionage in the coming years."
For example, lots of criminals adapted their own malware to go after one of the zero-day vulnerabilities exploited by Stuxnet, the virus that damaged Iranian nuclear facilities. Discovered in 2010, Stuxnet is widely believed to have come from a joint Israeli-U.S. military program.
Two years after Stuxnet was found, more than 85 percent of exploits targeting Windows were going after that same vulnerability, according to Rains. While a fix was available, criminals were betting that lots of systems had not been patched.
In previous blogs, I've pointed out that in the U.S., the infection rate for mobile devices is minuscule. That's likely to remain for awhile.
However, with more than a third of Americans 16 and older currently owning a tablet and 55 percent a smartphone, there's no doubt that the amount of profitable data in our mobile devices will increase.
As the number of mobile users grow, criminals will work even harder at finding ways to get at the data gold. We can only hope that our government and other countries don't make their job easier.