Mobile Malware Evolution Does Not Bode Well for Android Apps

Sue Marquette Poremba
Slide Show

How to Secure Your Company's Greatest Risk: The User

I’m an Android user by default. I don’t like the Apple devices, and the other options out there didn’t fit my needs. But one of the first things I do whenever I acquire a new Android device is to make sure I’ve downloaded security apps from trusted sources. I do so because I know that Android is extremely susceptible to malware.

I never realized really how susceptible Android was until recently. A new report from Kaspersky Lab found that in 2013, nearly 100,000 new malicious programs for mobile devices were detected, more than doubling what was found in 2012, and 98.1 percent of all mobile malware detected in 2013 targeted Android devices. The number of malicious applications used by cybercriminals is in the millions.

More alarming in my opinion is a report from RiskIQ that found that malicious apps found in the Google Play store increased by 388 percent between 2011 and 2013. Almost 13 percent of the apps downloaded from Google Play in 2013 were loaded with malware. That’s alarming because Android users are constantly told not to download apps from third-party sources, but rather download through Google Play. Now we’re being told that Google’s own app store is not safe either? It doesn’t have me tossing my Android devices and buying iOS ones instead, but it does have me thinking twice before downloading any app.


You may be thinking you’re safe if you have security apps on your devices and you make sure they are regularly updated. That should keep your device safe from bad apps, right? That’s what I thought, too, until I read further into the Kaspersky Lab report. As researchers Victor Chebyshev and Roman Unuchek wrote in a SecureList post:

Criminals are increasingly using obfuscation, the deliberate act of creating complex code to make it difficult to analyze. The more complex the obfuscation, the longer it will take an antivirus solution to neutralize the malicious code. Tellingly, current virus writers have mastered commercial obfuscators.

So, no matter how good my security software is, the bad guys have gotten very good at getting around it.

These reports should also be kept in my mind when creating BYOD policies. We can no longer trust that our security systems work, and thus, the primary security on a device should not be security software.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data


Thanks for your registration, follow us on our social networks to keep up-to-date