Could Android be the next target for worm attacks?
Jail-broken iPhones have already been targeted, but what does this mean for Android, which has a more open OS?
So claims chief technology officer of security firm Qualys, Wolfgang Kandek.
In an interview with IT PRO, he said criminals haven't yet focused on Android due its comparatively small market share. But Kandek predicted more security issues would crop up as it was much more open than the iPhone.
The iPhone has suffered security issues with worms, but this has mainly been against jail-broken phones.
"As Android gets more market share, it's going to be interesting. As these phones become more powerful, they will become a very interesting attack target," Kandek said.
"So far the iPhone has held up very well, even though there are millions of them. We'll see how Android holds up with its openness and less restrictive interface," he added. "It certainly has the potential to run more powerful worms."
Kandek explained why Android was more open than the iPhone. "Both of these systems are based on Unix, but in the iPhone you do not have root access, so you are not the system administrator when you run it," he said.
"You are a simple user of the operating system, and each program is separated from each other. They cannot talk to each other. So you're running in a jail basically... That is rather powerful, and Android does not have the same level of protection," said Kandek.
As Android is already jail-broken', he said it could leave it open to attack.
To protect the Android-based devices, network operators could do certain things to protect the devices from certain attacks, according to Kandek.
For example, for the first iPhone worm, jail-broken devices were vulnerable in Australia as a carrier decided to put them directly on the internet, whereas in the UK and US it is on a private IP network.
Worm attacks on Android could leave personal information such as contacts, emails and banking details open to criminals.
If - like the most recent iPhone worm - an Android device became part of a botnet, it could also be used to send out spam mails.
Key considerations for implementing secure telework at scale
Identifying the security risks and advanced requirements of a remote workforceDownload now
The State of Salesforce 2020
Your guide to getting the most from SalesforceDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Rethink your cybersecurity strategy for the new world
5 steps to secure the enterprise and be fit for a flexible futureDownload now