Could Android be the next target for worm attacks?
Jail-broken iPhones have already been targeted, but what does this mean for Android, which has a more open OS?
So claims chief technology officer of security firm Qualys, Wolfgang Kandek.
In an interview with IT PRO, he said criminals haven't yet focused on Android due its comparatively small market share. But Kandek predicted more security issues would crop up as it was much more open than the iPhone.
The iPhone has suffered security issues with worms, but this has mainly been against jail-broken phones.
"As Android gets more market share, it's going to be interesting. As these phones become more powerful, they will become a very interesting attack target," Kandek said.
"So far the iPhone has held up very well, even though there are millions of them. We'll see how Android holds up with its openness and less restrictive interface," he added. "It certainly has the potential to run more powerful worms."
Kandek explained why Android was more open than the iPhone. "Both of these systems are based on Unix, but in the iPhone you do not have root access, so you are not the system administrator when you run it," he said.
"You are a simple user of the operating system, and each program is separated from each other. They cannot talk to each other. So you're running in a jail basically... That is rather powerful, and Android does not have the same level of protection," said Kandek.
As Android is already jail-broken', he said it could leave it open to attack.
To protect the Android-based devices, network operators could do certain things to protect the devices from certain attacks, according to Kandek.
For example, for the first iPhone worm, jail-broken devices were vulnerable in Australia as a carrier decided to put them directly on the internet, whereas in the UK and US it is on a private IP network.
Worm attacks on Android could leave personal information such as contacts, emails and banking details open to criminals.
If - like the most recent iPhone worm - an Android device became part of a botnet, it could also be used to send out spam mails.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now