We constantly see stories about the latest threat from malware, particularly relating to mobile devices. But is it really as bad as it's made out to be?
No, says threat detection and containment specialist Damballa which is unveiling new research based on its big data analysis of almost half of US mobile traffic.
Damballa originally did a study in the spring of 2012 to determine the extent of mobile devices contacting malicious domains. At the time it monitored approximately 33 per cent of US mobile data traffic. Repeating the study in 2014 Damballa now monitors about 49 per cent of traffic. During the new test period researchers saw 130 to 160 million devices per day and observed 2,762,453 unique hosts contacted by mobile devices.
In 2012 researchers identified 3,492 out of a total of 23 million mobile devices - 0.015 per cent - contacting a domain on the mobile blacklist. In Q4 2014 only 11,699 out of out of a total of 151 million mobile devices contacted mobile black list domains, a mere 0.0077 per cent. For contrast the US National Weather Services says the odds of being struck by lightning in a lifetime are 0.01 per cent.
Also only 1.3 per cent of mobile hosts were not in the set of hosts contained by historical non-cellular data. There's a big overlap between wired hosts and mobile hosts therefore and mobile applications are reusing the same hosting infrastructure as desktop applications.
"This research shows that mobile malware in the Unites States is very much like Ebola - harmful, but greatly over exaggerated, and contained to a limited percentage of the population that are engaging in behaviour that puts them at risk for infection," says Charles Lever, senior scientific researcher at Damballa. "Ask yourself, 'How many of you have been infected by mobile malware? How many of you know someone infected by mobile malware?'"
For more information on the study and a look at Damballa's threat detection and defense systems you can visit the company's website.