In-depth

Why it’s time to worry about mobile security

We may not have seen a major mobile attack yet, but IT departments should get ready for some serious trouble ahead.

Many self-proclaimed prescient persons have been made to look foolish in recent times. The Millenium Bug, bird flu and the end of the world - due today, according to preacher Harold Camping - are just three very recent examples of panic-inducing predictions that turned out to be utterly erroneous.

Looking at the state of mobile malware right now, it would be easy to blast the scaremongers proselytising about the imminent threat it poses. On the surface, looking at the numbers should provide enough ammunition to blow away fears around the mobile threat.

Whilst there are practically innumerable numbers of malware families targeting PCs, Kaspersky had only spotted around 135 mobile species for the whole of 2010. Furthermore, much of the data mobile malware currently steals is seemingly useless. Who cares if their IMEI number is stolen?

A major problem is that cyber criminals haven't found a way to make serious money out of smartphone infections just yet. Malicious hackers would rather spend their time concentrating on pilfering massive quantities of highly valuable information from servers.

Advertisement
Advertisement - Article continues below

Google's OS is looking a little like the bullied school kid of the mobile world. Ironically, it's because of the platform's popularity.

"Hackers have to decide is if it's worth the investment. The return is singular as most phones are only storing data on single users, where the attacks that reap the biggest rewards are the servers storing gigabits of data," said Mark James, technical manager at ESET UK.

"The odd golden nugget' a hacker may find by hacking into a person's mobile device may not necessarily make the investment worthwhile."

Yet despite all of this, for manifold reasons, IT departments and indeed everyone using a smartphone or tablet should really start worrying about the mobile threat.

Number crunching

Looking back at statistics, there is little doubt malware creators have spotted a nascent market ripe for attacking in the near future. There may not be an abundance of mobile malware families, but there is little doubt the numbers are growing exponentially.

Recent figures from G Data showed mobile malware spiked 273 per cent in the first half of 2011, compared with the same period in 2010.

Android is being hit hardest. The amount of Android focused malware spiked 76 per cent in Q2 of 2011, when compared to Q1, McAfee recently found. Of all new mobile malware created in the second quarter, approximately two thirds was aimed at Android. Indeed, Google's OS is looking a little like the bullied school kid of the mobile world. Ironically, it's because of the platform's popularity.

As we have seen at various points this year, actually infecting users is not so difficult. The biggest mobile security story so far were a nasty collection of malicious apps, featuring a piece of malware called DroidDream. It was capable of stealing device details and could even download extra code onto users' devices.

Again, Android was the target. It was feared between 50,000 and 200,000 users had downloaded the rogue apps, placing their data at risk. Google was quick to remotely remove the malicious apps, yet the damage was done: it was clear smartphone owners were a valid target.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/cloud/amazon-web-services-aws/354223/what-to-expect-from-aws-reinvent-2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Visit/hardware/354232/raspberry-pi-4-owners-complain-of-broken-wi-fi-when-using-hdmi
Hardware

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019