How can users identify state-sponsored malware remotely installed on mobile devices? Is there any way to trace where the malware originated from and attribute the source of the state-sponsored attack?
Enterprises have many different options for managing endpoints remotely -- including using tools -- and performing forensics to identify the origins of malware on an infected system. Some of these same enterprise tools can be used by regular users to inspect their devices for malware. Many times, though, enterprise tools have steep prices and require significant expertise to be operated correctly. These requirements make some tools unavailable to individual users, but most end users could use mobile antimalware tools for Android or iOS from standard antimalware vendors.
But there have been concerns that commercial vendors are unable to detect sophisticated state-sponsored attacks. Users could identify state-sponsored malware installed on mobile devices using the DETEKT tool. If any malware is detected, the safest option is to reinstall the operating system from "known good" backups or installation media. Users could trace where the malware originated by looking through browser history, but they would need significant technical expertise to get a more in-depth sense of its origin. Generally, it is difficult for even well-equipped enterprises to definitively attribute a suspected state-sponsored attack or type of malware.
If you or someone you know thinks they are being targeted by a state-sponsored attack, they should proactively protect themselves by following the instructions from the EFF Surveillance Self-Defense project. The same steps should be taken for any computer or device used to connect to the Internet or store your data.