Growing Mobile Malware threat (Mostly) Around Android.
Growing Mobile Malware threat (mostly) Around
Android.
Android.
Mobile devices are getting hit by a boom in
malware similar to the one that hit PCs starting with the rise of the Web, a
security software executive said Tuesday.
"Mobile platforms, for a lot of attackers, represent a new
target-rich environment," said Chris Doggett, senior vice president, North
America, at Kaspersky Lab. He was addressing a panel discussion at the CTIA
Wireless trade show in Las Vegas at which officials from government and
industry laid out the dangers of mobile malware and steps being taken to fight
it.
[ Mobile
security: iOS vs. Android vs. BlackBerry vs. Windows Phone | Keep up on key mobile
developments and insights with the Mobilize newsletter. ]
The creators and exploiters of malware are attracted to mobile
because smartphones and tablets are increasingly powerful and most have no
protection, Doggett said. (Kaspersky sells mobile security software.) The
threats to mobile users are numerous: Attackers can often find credentials for
various accounts by looking at incoming and outgoing text messages, they can
get contact information for work associates as well as family and friends, and
they may be able to compromise bank accounts if users do mobile banking, he
said.
Malware on the wired Internet has risen from one new sample
discovered per hour in 1994 to 200,000 new samples per day now, and a similar
trend is taking shape on mobile devices, Doggett said. In 2011, Kaspersky
discovered just over 6,000 mobile malware samples, and in 2012, there were more
than 30,000.
U.S. mobile users have been left relatively unscathed, according
to a white paper released on Tuesday by CTIA, the mobile industry group that
sponsors the show. Fewer than 2 percent of smartphones in the United States are
infected with malware, compared with more than 40 percent in some other
countries, said John Marinho, CTIA's vice president of technology and
cybersecurity. There are more than 100 million infected smartphones in China, he
said.
As attackers seek that easy target in mobile, they overwhelmingly
are looking to Android, Doggett said. Kaspersky estimates that 94 percent of
all mobile malware is written for Android. Google's mobile OS is easier for
them to use because it's more open than Apple's iOS and apps don't have to go
through the Apple security review required for the iTunes App Store. Also,
Android users can download apps from any number of places, though some Android
malware has come in software downloaded from sources that are supposed to be
trusted, including Google Play, Doggett said.
Apple isn't foolproof, as some malware has gotten through the
company's scrutiny, such as the spam-producing "Find and Call" app discovered last year, he said. But because the
bar is higher with iOS, most attackers look elsewhere, he said.
Mobile
is one target of a U.S. government effort to close cybersecurity holes in the
nation's critical infrastructure, according to Ari Schwartz, a senior policy
advisor in the Commerce Department's Office of Policy and Strategic Planning.
Following an executive order by President Barack Obama earlier this year, the
Department of Homeland Security and other agencies are working toward creating
a program for companies to take a set of voluntary steps to protect their
infrastructure from attacks.
Comments