The most worrying security problem for one security pro is something that sits in the palm of your hand.

When someone I respect tells me that there's a security threat that really worries them, I pay attention. And when that worry is something that I hadn't really thought about before the conversation, well, it worries me even more.

Kevin Walker, CTO for security in Juniper Networks' development group, is someone whose opinion I respect. If you want to hear an example of why that's so, just listen to the radio show when he was my guest in early July. I had a chance to sit down with Walker at Black Hat and we had a conversation that touched on a broad range of topics but the thing that brought me up short was when he said, "You know what really worries me?" That's a phrase guaranteed to get my attention.

Walker then told me that ransomware on Android devices has him worried -- and he spelled out why in three broad strokes: a perfect storm of enormous reach, an undisciplined app ecosystem and a payment system easily exploited for ransom payment makes the world of Android ripe for criminal picking.

Android's enormous reach was quantified in May when Google announced that there are more than 2 billion Android devices in use each month. While many people point out the fragmented nature of the Android ecosystem, Walker notes that there are many commonalities between the different versions of the operating system -- commonalities that an attacker can exploit to create as many victims as possible.

The Android ecosystem's "unstructured" nature extends to the market for Android apps. No significant formal vetting system for apps before distribution means that it is possible for a malicious app to be published on Google Play or a third-party app market and downloaded by thousands upon thousands of people before the wisdom of the crowd makes the problem known. This has happened before, and the potential is certainly there for it to happen again. Unlike earlier outbreaks, though, there's a new wrinkle that makes Android devices even more attractive to ransomware attackers.

Google Pay is one of the current generation of mobile payment systems that promise faster, more convenient and more secure payment for goods and services. Walker imagines scenarios in which attackers demand rapid payment of a ransom or even set victims against one another for the most rapid payment: "The first person to pay the ransom gets their data back -- everyone else will lose everything." On-device payment mechanisms make rapid response possible.

Most of the analysts I spoke with at Black Hat consider ransomware to be a type of attack that is spectacular but not, in the grand scheme of things, as damaging as other malicious payloads. The scale of a possible Android ransomware attack could change that and turn ransomware into one of the highest priorities on everyone's security list.

— Curtis Franklin is the editor of SecurityNow.com. Follow him on Twitter @kg4gwa.

About the Author(s)

Curtis Franklin, Principal Analyst, Omdia

Curtis Franklin Jr. is Principal Analyst at Omdia, focusing on enterprise security management. Previously, he was senior editor of Dark Reading, editor of Light Reading's Security Now, and executive editor, technology, at InformationWeek, where he was also executive producer of InformationWeek's online radio and podcast episodes.

Curtis has been writing about technologies and products in computing and networking since the early 1980s. He has been on staff and contributed to technology-industry publications including BYTE, ComputerWorld, CEO, Enterprise Efficiency, ChannelWeb, Network Computing, InfoWorld, PCWorld, Dark Reading, and ITWorld.com on subjects ranging from mobile enterprise computing to enterprise security and wireless networking.

Curtis is the author of thousands of articles, the co-author of five books, and has been a frequent speaker at computer and networking industry conferences across North America and Europe. His most recent books, Cloud Computing: Technologies and Strategies of the Ubiquitous Data Center, and Securing the Cloud: Security Strategies for the Ubiquitous Data Center, with co-author Brian Chee, are published by Taylor and Francis.

When he's not writing, Curtis is a painter, photographer, cook, and multi-instrumentalist musician. He is active in running, amateur radio (KG4GWA), the MakerFX maker space in Orlando, FL, and is a certified Florida Master Naturalist.
