Symantec shifts from protecting your
computers, to protecting your data and reputation.
Four to five years ago, to be protected on
the internet meant protecting a particular device when it was connected the
internet, whether PC, Mac or mobile device. Today however, thanks to the
proliferation of social media and the internet, there are so much more of us
online than ever before. More of us are storing our information in the cloud,
as well as on social networks.
At the recent Next@Norton event held on San
Francisco earlier this year, Symantec representatives were adamant that,
instead of protecting machines and devices, there is now the need to protect
“me” while on the internet.
A Nielsen survey done last year estimates
that in a single month, over 53 billion minutes were spent on Facebook, and
that’s just for the United States. The way we’re interacting with one another
has changed drastically. For that, Symantec teamed up with Facebook to offer
Norton Safe Web, an app that automatically scans your timeline for bad and
malicious links.
Even then, scammers have found many ways to
take advantage of Facebook and its (supposed) 900 million users. For example,
with Like-jacking, users are presented with an enticing link (the bait) which
brings the user to a page which claims to require some kind of identification
before they can proceed, typically in the form of a CAPTCHA test. Unbeknownst
to the user, the page hides a Like button underneath the CAPTCHA test submit
button, which then generates a Like instead.
Another scan, Comment-jacking works in a
similar way, where a comment is added instead of typing characters to complete
a CAPTCHA test. Once done, the original malicious link is reposted in users’
walls for their friends and family to see.
On Twitter, malicious links scammers
creating fake accounts to follow a number of users, and use @ replies to spam
their followers with malicious links. And in the event that a user’s Twitters
account can somehow be taken over, their accounts are then used to send out
Direct Message (DM) spam to their unsuspecting followers.
Whatever the scam, the common thread is the
scam post coming from a trusted friend and/or follower, with the implied
validation that the link is safe to click on.
Symantec also warns that drive-by downloads
are popular methods used by scammers to trick users into downloading malware
masquerading as a legitimate app or plugin. To counter this, their Norton Labs
counterparts are working on something called the Norton App Advisor.
Currently still in development, Norton App
Advisor is essentially a reputation-based system for social media applications.
Combined with data from Norton Safe Web, users can get information on each
social media app such as who built it, what kinds of user information it
accesses, who built the app and so on. The aim is to provide users with
additional information to determine if the app is safe to download and install.
Norton App Advisor’s significance is even
more apparent when you consider that Facebook cannot monitor all third-party
apps designed to work with their social media platform, as those apps can be
hosted on external websites outside of Facebook’s purview, while accessing your
publically available data through Facebook’s open APIs.
While everyone in the industry knew that
mobile was going to be the next big thing, it was the iPhone that really got
the ball rolling. Aside from just having antivirus and anti-malware in your
smartphone, you also want to be able to secure and locate a device when lost or
stolen. With over 7 million downloads so far on Google Play, Norton Mobile
Security is Symantec’s solution for mobile devices.
With mobile malware, it was all about
Symbian to begin with, though numbers started declining once signing Symbian
apps was introduced in 2006. Apple’s iOS has largely remained malware-free,
though rooter iOS devices remain vulnerable (anyone remember the Ikee worm?) as
they can load non-sanctioned apps outside of Apple’s walled garden.
Android on the other hand, has malware
numbers shooting through the roof. In 2012, Symantec says that there about
4,000 samples of malicious APK files identified in February, shooting up to
12,000 samples in April, and then 16,000 in May. And when you looked at the
rise of polymorphism in malicious Android APKs, the ratio of families to
samples in July 2011 was about 1:8. In May 2012, that rose to a mind-boggling
1:159. This is worrisome, as there are over 70 different sources for Android
apps outside of Google Play.
We’re in an age where we’re consuming and
creating more data than ever. We’re using multiple devices at one go, from
various locations and connection points. We want to feel comfortable that our
information stays private when we want it to be. With the changing security
landscape, evolving consumer habits, the continuing rise of mobile as well as,
what else, Windows 8, Symantec certainly has a lot on their plate. There’s not
going to be a guarantee that the new products and services that Symantec has up
their sleeves will be effective against the unrelenting onslaught if malware,
but at least, they’ve got their eye on the ball.
Norton Hotspot Privacy
An upcoming app from Norton, Hotspot
Privacy functions much like a VPN, but helps secure your device’s internet
connection by hiding your IP behind an anonymous serves address from a
user-selectable country. The app will be made available for both iOS and
Android platforms.
Norton Mobile Utilities 2.0
Coming soon to Google Play, version 2.0 of
Symantec’s Norton Mobile Utilities lets users define different battery use
profiles, with the ability to specify actions such as turning off the vibrate
function, or dimming the screen.
Norton App Advisor
A work in progress, Norton App Advisor is a
mashup between social network app graph data and Norton Safe Web. This gives
insight into specific social media applications, such as who built it, data it
accesses, who built the app and so on.
Mobilesecurity.com
This new website aims to provide more
information and news regarding mobile security for Android, iOS, tablets and
phones, in a format that’s more palatable and understandable for the non-geek
user, complete with widgets and interactive tools.
