Risk
5/17/2011
12:41 AM
Ed Hansberry
Ed Hansberry
Commentary
50%
50%

Reduce Your Android Security Risks

Threats against Google's mobile platform have increased 400% in the last year, but common sense will protect users against many of the attacks.

Hackers and criminals have been targeting Windows on the desktop for years simply because it is the biggest platform out there in terms of market share. You want to go after the biggest audience possible to increase your odds of success in finding a system that is unprotected. Now that smartphones are such a large market, with tens of millions of devices being sold and activated each quarter, the temptation is just too big to pass up.

Android is the king of the hill when it comes to smartphone market share, a fact that hasn't gone unnoticed to hackers and malware authors. Juniper Networks Global Threat Center has compiled a report showing that malware attacks on Android are up 400% since the summer of 2010.

According to the report, they are targeting the platform because many of its users are "unaware, disinterested, or uneducated" about security. The malware is focusing on monitoring phone calls and SMS messages made with the phone. When you think about how many people do online banking via their phone's voice capabilities or get confirmation codes via SMS to log into social networks, there is a lot of info to be gleaned from these two relatively old communication methods.

Juniper expects the attacks to gradually include "command and control zombies and botnet participators, devices that are remotely controlled to execute malicious attacks."

The quick solution is to be careful what you download. Most of the infections are caused by users unwittingly installing them as part of a downloaded app. Your best bet is to stick to apps in a reputable online store and look for those that have good ratings. That is no guarantee you'll be ok, but side-loading apps from unknown developers is asking for trouble.

Longer term the report suggests that the user run security software on their phone. The problem here though is phones aren't like PCs. By comparison, desktop computers have virtually unlimited storage space, computing power, and memory. Phone manufactures are constantly struggling to keep their phone's user interface smooth and responsive. Adding software that is constantly looking at what the phone is doing and checking it against a database of thousands of signatures may slow the phone to a crawl. At a minimum, there will be a performance hit.

If you are an Android user, have you been hit? Are you running any security software or are you considering it?

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
11/1/2011 | 12:40:43 AM
re: Reduce Your Android Security Risks
Symantec had some interesting research recently about some of the most prevalent Android malware attacks and how attackers are monetizing malware (PDF):
http://www.symantec.com/conten...
Brian Prince, InformationWeek/DarkReading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3580
Published: 2014-12-18
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-4801
Published: 2014-12-18
Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-6076
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site.

CVE-2014-6077
Published: 2014-12-18
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

CVE-2014-6078
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.