In-depth

Why it’s time to worry about mobile security

We may not have seen a major mobile attack yet, but IT departments should get ready for some serious trouble ahead.

Many self-proclaimed prescient persons have been made to look foolish in recent times. The Millenium Bug, bird flu and the end of the world - due today, according to preacher Harold Camping - are just three very recent examples of panic-inducing predictions that turned out to be utterly erroneous.

Looking at the state of mobile malware right now, it would be easy to blast the scaremongers proselytising about the imminent threat it poses. On the surface, looking at the numbers should provide enough ammunition to blow away fears around the mobile threat.

Whilst there are practically innumerable numbers of malware families targeting PCs, Kaspersky had only spotted around 135 mobile species for the whole of 2010. Furthermore, much of the data mobile malware currently steals is seemingly useless. Who cares if their IMEI number is stolen?

A major problem is that cyber criminals haven't found a way to make serious money out of smartphone infections just yet. Malicious hackers would rather spend their time concentrating on pilfering massive quantities of highly valuable information from servers.

Google's OS is looking a little like the bullied school kid of the mobile world. Ironically, it's because of the platform's popularity.

"Hackers have to decide is if it's worth the investment. The return is singular as most phones are only storing data on single users, where the attacks that reap the biggest rewards are the servers storing gigabits of data," said Mark James, technical manager at ESET UK.

"The odd golden nugget' a hacker may find by hacking into a person's mobile device may not necessarily make the investment worthwhile."

Yet despite all of this, for manifold reasons, IT departments and indeed everyone using a smartphone or tablet should really start worrying about the mobile threat.

Number crunching

Looking back at statistics, there is little doubt malware creators have spotted a nascent market ripe for attacking in the near future. There may not be an abundance of mobile malware families, but there is little doubt the numbers are growing exponentially.

Recent figures from G Data showed mobile malware spiked 273 per cent in the first half of 2011, compared with the same period in 2010.

Android is being hit hardest. The amount of Android focused malware spiked 76 per cent in Q2 of 2011, when compared to Q1, McAfee recently found. Of all new mobile malware created in the second quarter, approximately two thirds was aimed at Android. Indeed, Google's OS is looking a little like the bullied school kid of the mobile world. Ironically, it's because of the platform's popularity.

As we have seen at various points this year, actually infecting users is not so difficult. The biggest mobile security story so far were a nasty collection of malicious apps, featuring a piece of malware called DroidDream. It was capable of stealing device details and could even download extra code onto users' devices.

Again, Android was the target. It was feared between 50,000 and 200,000 users had downloaded the rogue apps, placing their data at risk. Google was quick to remotely remove the malicious apps, yet the damage was done: it was clear smartphone owners were a valid target.

Featured Resources

Seven steps to connect and empower your frontline workers

How business leaders can improve communication with a secure platform

Free download

Create what’s next

The future of collaboration and productivity

Free Download

Leveraging the cloud without relinquishing control

Your data. Their cloud.

Free download

Re-architecting for nonstop innovation

Unlocking productivity, scalability, and lower costs for cloud natives

Free Download

Recommended

Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021
83% of critical infrastructure companies have experienced breaches in the last three years
cyber security

83% of critical infrastructure companies have experienced breaches in the last three years

11 Nov 2021
Hackers could use new Wslink malware in highly targeted cyber attacks
malware

Hackers could use new Wslink malware in highly targeted cyber attacks

1 Nov 2021
FBI raids Chinese POS business following cyber attack claims
malware

FBI raids Chinese POS business following cyber attack claims

27 Oct 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
How to speed up Microsoft's Windows 11
Microsoft Windows

How to speed up Microsoft's Windows 11

9 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021