Android continues to give CIOs sleepless nights

by Sohini Bagchi    May 16, 2013

malware android

With Google’s Android operating system now accounting for 74 per cent of the smartphone market, there is no doubt that we are living in an Android dominated world. However, we are not safe in this world, believe experts, as the Android threat landscape continues to grow both in size and complexity. A recent report by security firm F-secure notes that there has been a marked increase in Android malware in recent times as cyber criminals are adopting newer ways to build Android-focused malware services.

The ‘Mobile Threat Report for Q1 2013’ by the vendor reveals the number of mobile threats have increased by nearly 50 per cent during the Q1 2013, rising to 150 from 100. Over 91 per cent of those threats target the Android platform and the rest target Symbian. No such threats were found in iOS, Blackberry or Windows Mobile. The report notes a particularly disturbing trend towards the commoditization of malware, either by making premium rate calls or stealing bank details. Moreover, nearly 76 per cent of these threats were profit oriented.

Traditionally, hackers had lured mobile users into installing malicious applications on their devices by tricking them as legitimate apps on Google Play or any other third-party app stores. According to the F-Secure researchers, the new email-based distribution method extends the risk of malware infection to Android users who are not actively looking for new apps, but are generally checking email from their phones and tablets.

Ashish kumar

The continued and complex security threats in Android platform means that CIOs need to arm themselves with the right capability so that they can deal with issues such as device controls, data usage and encryption
-Ashish P Kumar, IT security analyst

Recently, a Quick Heal report also highlights the security concerns in Android devices and shows a 30 per cent growth in 2012 and a phenomenal 80 per cent increase in its modifications. “There has been a steadily increase in the number of malware attacks on Android platform in recent times and mobile devices and apps are the easiest targets,” says Sanjay Katkar, Technical Director and CTO, Quick Heal Technologies. He believes hackers find it convenient to target the Android operating system since it is open and shows a strong preference in the enterprise.

“The continued and complex security threats in Android platform means that security officers and CIOs need to arm themselves with the right capability so that they can deal with issues such as device controls, data usage and encryption,” says IT security expert Ashish P Kumar. However, in case of Android platforms, data and user management are the key concerns for security professionals. Encryption is also a challenge for CIOs even though it should be made mandatory. He informed that even a few months ago, Android devices did not have any hardware encryption which already triggered more number of threats. The latest versions however, do support device encryption, but that does not run on most of the existing devices.

The report states that Android is experiencing the same fate as Windows which also has a huge popularity in the market and continue to be vulnerable to threats. As Android attacks will continue to be more sophisticated and cybercriminals see a greater opportunity yet to be explored on the relatively new and growing platform, the F-secure report recommends that CIO/CSOs must make it mandatory to encrypt Android devices and also continuously monitor devices and detect any kind of threats.