2011 to Bring Malware to New Places

Wayne Rash
Ready for your first iPad malware? According to researchers at McAfee, it's just a matter of time. Likewise, sometime in 2011, we can expect to start seeing malware aimed at iPhones, Android devices and maybe Macintosh computers. The reasons are actually fairly simple, but they reflect the overall broad acceptance of these relatively powerful devices in the enterprise as well as a general lack of understanding as to their vulnerabilities.

To start with, Apple products have long been believed to be free of the risk of malware, and they were. This was partly because the Windows market was a highly target-rich environment-finding vulnerabilities was really easy and there were so many unprotected computers.

That environment has changed, thus making life tougher and less profitable to the creators of malware. But at the same time, these same people have noticed the explosive growth of iOS and Android platforms, and the fact that they're used by the general public, a population generally less savvy about security than the business population with its IT departments, intrusion detection and firewalls. Smart portable devices are now becoming a target-rich environment.

Contributing to this malware threat is the fact that many users believe that their devices are invulnerable and can't be infected by malware. But the fact is that there is no such thing as invulnerability. The reason Apple products have remained malware-free has a lot more to do with their small market share than anything else. After all, why expend the programming effort to develop world-class malware when you can only infect a small percentage of all computers.

But that equation has changed. iOS and Android devices now number in the tens of millions, and they're relatively soft targets. They don't have anti-virus software, there is no intrusion detection running on these devices and the users aren't security-aware. Equally important, they are subject to social engineering approaches. This means that they are more likely to open e-mails and social networking messages that contain malware or links to sites containing malware than PC users who have learned better over the years.

What this means to your enterprise is that you need to make sure your intrusion detection system is up-to-date and can handle exploits aimed at more than just your PCs. It also means that you need to start looking for security software for iOS and Android devices. Right now there are a few anti-virus packages for Android (although I haven't tested any of them). Apple's current position is that it will issue patches for iOS when it finds vulnerabilities. However, Symantec reports that it has already found vulnerabilities in Safari that could be exploited, and urges users to be cautious when visiting suspicious websites. There does not appear to be an anti-virus program for iOS devices as of yet; although, McAfee reports that its Trust Digital enterprise mobile management software can keep malware under control on a variety of mobile devices including Android and iOS devices.

What's worse is that the emerging malware doesn't need to be operating system-specific. German researchers, for example, are reporting a new SMS exploit that can put mobile devices into a state of constant reset. They suggest that with a different payload, the same techniques could be used to take control of devices and send information to malicious parties. Short of refusing to use mobile devices, there's not much right now that you can do to prevent such malware until better protection becomes available. However, now that you know that vulnerabilities may exist, at least you can be on guard for them, and take what steps you can to limit the damage.

Add Comment      Leave a comment on this blog post
Jan 4, 2011 10:01 PM SecuritT SecuritT  says:
We have seen apple devices increase exponentially over the past 6 months. This is a hackers gold mine and they know it. Although security software does help to protect devices it certainly does not prevent infection and trojans. Common sense and end user training can go a long way in protecting any electronic communication device mobile or PC. As long as the decision to click a link or open an attachment is left up to an end user there will be exploitation. Reply
Jan 5, 2011 2:01 AM Dave Dave  says:
I agree with SecuritT. We will continue to see exploitation until we educate and make security a priority on the 8th layer (End User). Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.