In-depth

Why it’s time to worry about mobile security

We may not have seen a major mobile attack yet, but IT departments should get ready for some serious trouble ahead.

Many self-proclaimed prescient persons have been made to look foolish in recent times. The Millenium Bug, bird flu and the end of the world - due today, according to preacher Harold Camping - are just three very recent examples of panic-inducing predictions that turned out to be utterly erroneous.

Looking at the state of mobile malware right now, it would be easy to blast the scaremongers proselytising about the imminent threat it poses. On the surface, looking at the numbers should provide enough ammunition to blow away fears around the mobile threat.

Whilst there are practically innumerable numbers of malware families targeting PCs, Kaspersky had only spotted around 135 mobile species for the whole of 2010. Furthermore, much of the data mobile malware currently steals is seemingly useless. Who cares if their IMEI number is stolen?

A major problem is that cyber criminals haven't found a way to make serious money out of smartphone infections just yet. Malicious hackers would rather spend their time concentrating on pilfering massive quantities of highly valuable information from servers.

Google's OS is looking a little like the bullied school kid of the mobile world. Ironically, it's because of the platform's popularity.

"Hackers have to decide is if it's worth the investment. The return is singular as most phones are only storing data on single users, where the attacks that reap the biggest rewards are the servers storing gigabits of data," said Mark James, technical manager at ESET UK.

"The odd golden nugget' a hacker may find by hacking into a person's mobile device may not necessarily make the investment worthwhile."

Yet despite all of this, for manifold reasons, IT departments and indeed everyone using a smartphone or tablet should really start worrying about the mobile threat.

Number crunching

Looking back at statistics, there is little doubt malware creators have spotted a nascent market ripe for attacking in the near future. There may not be an abundance of mobile malware families, but there is little doubt the numbers are growing exponentially.

Recent figures from G Data showed mobile malware spiked 273 per cent in the first half of 2011, compared with the same period in 2010.

Android is being hit hardest. The amount of Android focused malware spiked 76 per cent in Q2 of 2011, when compared to Q1, McAfee recently found. Of all new mobile malware created in the second quarter, approximately two thirds was aimed at Android. Indeed, Google's OS is looking a little like the bullied school kid of the mobile world. Ironically, it's because of the platform's popularity.

As we have seen at various points this year, actually infecting users is not so difficult. The biggest mobile security story so far were a nasty collection of malicious apps, featuring a piece of malware called DroidDream. It was capable of stealing device details and could even download extra code onto users' devices.

Again, Android was the target. It was feared between 50,000 and 200,000 users had downloaded the rogue apps, placing their data at risk. Google was quick to remotely remove the malicious apps, yet the damage was done: it was clear smartphone owners were a valid target.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
University of Hertfordshire's entire IT system offline after cyber attack
cyber attacks

University of Hertfordshire's entire IT system offline after cyber attack

15 Apr 2021
Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget
Mobile Phones

Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget

13 Apr 2021