This Past Year Can Be Viewed as the Year of Android Malware
Mobile vulnerabilities grew 93 percent in 2011, and there was a jump in threats that targeted Android. Last year, for the first time, mobile malware presented a tangible threat to businesses and consumers, Symantec officials said. The relatively open nature of Android and its apps market is making the Google operating system an attractive target for cyber-criminals, according to security firms. In March, security software vendor Total Defense noted that 25 times more Android malware was detected in 2011 than in 2010.
This past year can be viewed as the year of Android malware with more than 9,000 escalations, clearly illustrating the exponential growth of threats targeting this platform, Total Defense CEO Paul Lipman said at the time his companys report was released. The rise of Android malware opens up an interesting debate about security architectures and the merits of open versus closed systems. While users have the ability to install any code, from anywhere, the problem is that criminals see this as an advantage, too.
In February, a report by Juniper Networks found that malware targeting Android grew 3,325 percent in the last seven months of 2011.
There was some good news on the mobile front, according to Symantecs Haley.
One bright spot in the report is the reduction in spam emails being sentfrom 88 percent of all email volume to 75 percentas authorities shut down one of the largest botnets in the world, he said. But while the number of spam emails declined, there was an increase in phishing emails and other scams. Malware is still rampant on Websites and in email. Surprisingly, the report notes that 61 percent of Websites exposing users to malware are actually legitimate sites that have been compromised, rather than sites created for the sole purpose of infecting users. And 4 to 5 percent of business email messages sent now contain malware.
The Symantec report also noted the increase in data breaches, with a rising concern over the issues of lost mobile devices. About 1.1 million identities were stolen during each data breach last year, a significant increase over previous years, the company said. While hacking incidents were a key threatexposing more 187 million identities last yeardata breaches were more likely to be caused by lost smartphones, tablets, USB keys or backup devices. Such lost or stolen devices exposed 18.5 million identities.
Symantec officials expect that number will go up, and smartphones and tablets continue to outsell PCs, and more people are using these devices for work, part of the bring-your-own-device (BYOD) trend in organizations that still are trying to determine the best ways to secure and manage these devices that are accessing the corporate network.
Earlier research by Symantec found that half of lost mobile phones are not returned, and 96 percent of lost phones will sustain a data breach.