App stores: A security time bomb?
With more and more app stores popping up, are we about to see a significant rise in threats within these virtual stores?
ANALYSIS In the last week we saw Apple celebrating its 10 billion App Store downloads milestone.
The success of app stores has been fairly startling in recent years, altering the paradigm of how people use their web connections.
But with the rise of these virtual emporiums, more of which are set to pop up soon, has come an increase in security dangers threatening end users.
So should users be panicking about what they're downloading and is there even much to be concerned about?
Users could encounter a variety of threats on app stores. Some are bundled in with other apps, such as wallpapers.
This throws up another challenge for vendors as they try to split malicious apps from the legitimate ones.
Spyware-type applications have been spotted as well, where SMS messages were sent to unintended recipients.
More traditional, PC-like attacks are another danger. Symantec researchers recently spotted a piece of malicious kit that stole data and reported back to a command and control centre.
The app was monitoring SMS messages and was capable of receiving instructions from the command and control centre as well.
Other dirty apps have forced the user to call premium rate numbers, so the crooks get some of their target's funds.
Not so serious?
Despite the range of threats out there, users should not feel overly perturbed. Not just yet, anyway.
The fact that no precise figures have been given on how many malicious apps are present on the likes of the Apple App Store and Google's Android Market, indicates hackers have not yet identified them as fine places to acquire funds and data illicitly.
Compared to the amount and range of malware targeting PCs, malicious apps pale in comparison.
Greg Day, director of security strategy for McAfee in Europe, the Middle East and Africa (EMEA), said the security firm had not seen any more than 1,000 mobile threats in total, whereas there are 60,000 PC threats emerging a day.
However, he claimed it was "blatant" that apps will increasingly be used as a basis for attacks.
"What we've seen happen over the last year is a lot of testing can I do it, what can I do it with?" Day told IT PRO.
"The question is, at what point does that floodgate open and this becomes mainstream?"
Smarter businesses will prepare now for when mobile app threats really start to escalate, according to Day.
Orla Cox, security operations manager at Symantec, said her company had also only seen "a very small amount of threats."
But Cox said she expects certain kinds of app attacks to continue to rise, such as the aforementioned premium phone dialler danger.
She also pointed to the Android Market, indicating many of the threats Symantec has spotted had come out of the Google offering, rather than the Apple App Store.
In This Article
The ultimate law enforcement agency guide to going mobile
Best practices for implementing a mobile device programFree download
The business value of Red Hat OpenShift
Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShiftFree download
Managing security and risk across the IT supply chain: A practical approach
Best practices for IT supply chain securityFree download
Digital remote monitoring and dispatch services’ impact on edge computing and data centres
Seven trends redefining remote monitoring and field service dispatch service requirementsFree download