Smartphones, Tablets, Android Are Why Malware Is Going Mobile in 2012By Channel Insider Staff | Posted 2012-01-18 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
NEWS ANALYSIS: As 2012 gets going, it's time to accept that malware and cyber-attacks will increasingly target mobile users and Internet applications.
For years, computer users' biggest security threats were attacks against their desktop computers and applications. But cyber-criminals increasingly have been turning their sights toward mobile devices and Web applications, as they are fertile new ground for lucrative cyber-attacks.
It won't happen overnight, of course, and there will still be more than enough security flaws impacting Windows and other desktop platforms to keep companies like Symantec and McAfee in business for years to come. But for mobile device users, security applications are as much a requirement for them as they are for desktop computer users.
Cyber-criminals have spent the past several years developing new attack strategies for mobile applications and devices. And this year, they're going to try to break in every chance they get.
Read on to find out why security threats are increasingly going mobile this year.
1. Windows 8's security
According to Microsoft and the security researchers who have tried out Windows 8, the operating system will be the best yet at protecting users. In fact, some say that all users will need is Microsoft's own security suite to safeguard their computers. That's a major development in the Windows ecosystem. If Microsoft can actually deliver on those lofty promises, cyber-criminals may shift their attention from the desktop to online targets. But a really secure Windows 8 could go a long way toward showing the industry at large how to build security into mobile and Web applications as well as desktop applications.
2. Cloud services are a cash cow
Cloud services are a potential cash cow for cyber-criminals. In enterprise-focused applications, they can include bank information and Social Security numbers to just about anything else. What's worse, enterprises and consumers accessing cloud applications are placing all their hope in the service provider to protect their data when there is a serious risk that cloud services can be penetrated by cyber-criminals, who could reap boatloads of cash from stolen information.
3. Social networks are too
As the Koobface worm has proved, there's an inordinate amount of money in targeting social networking users. A new report from the New York Times claims the people allegedly behind Koobface generated millions of dollars just by taking aim at social network users. Security experts say the cyber-criminals behind Koobface are still active and it's likely that they or copycat hackers will launch new Koobface variants or Koobface-like attacks this year.
4. Android use is exploding
Unfortunately, Android has quickly become an easy target for malicious hackers around the world. The operating system is the most popular mobile OS for cyber-criminals, and most security researchers believe that trend will only continue in 2012. So, why is that happening? For one thing, the operating system doesn't have all the safeguards found in, say, BlackBerry OS. What's more, a tremendous number of people are adopting the software each day. That presents an ever larger and highly lucrative target for cyber-criminals. Keep that in mind.
5. Apps are easy entryways
After Apple launched the App Store and other companies followed suit, smartphone owners around the world assumed they could download any program to their mobile devices with complete confidence and safety. But as last year's Android Market infiltrations showed, that's not the case. Even so, users don't realize the threats associated with apps, and how easily they can be used against them. Even text-messaging applications can deliver malicious payloads. Apps are a unique and hugely profitable opportunity for cyber-criminals, and this year they're not going to let that slip by.
6. Where are all the security apps?
Interestingly, security companies have been somewhat slow to deliver mobile anti-malware applications to safeguard mobile devices. The big firms, like McAfee, offer some apps, of course, but as with early Windows software, they don't appear to be keeping up as well as they could with all the threats out there. Even cloud security solutions are subpar. It's about time the security community gets far more serious about protecting people both online and on the Web.
7. User ignorance is a factor
It's no secret that one of the main reasons Windows became such a security hole was that its users let it happen. Too often, PC owners don't update security software, go to malicious sites and trust sources that they shouldn't. In the mobile and online world, things are even worse. Unfortunately, people have been conditioned to believe that the real threats are on Windows, when in reality, they're also present on the Web and in mobile operating systems. Study after study has shown that people are especially lax about security when using a smartphone. This year, cyber-criminals will capitalize on that in a big way and we'll all rue the day we failed to acknowledge the importance of security no matter where we are.
8. The enterprise is moving there
If history is to be our guide, it will show that whenever the enterprise goes to a new technology or service, cyber-criminals will follow. Now, the enterprise is shifting to mobile products, like the iPhone and iPad, and cloud services. Seeing a potential cash windfall, cyber-criminals are pouncing. Make no mistake, the enterprise's shift to the Web and mobile is a big reason cyber-criminals are doing the same.
9. Solutions are few and far between
Just about everywhere one turns, they'll find a security company or analyst talking about the increased threats we'll be facing in the coming months. But at what point do all those analysts and researchers deliver a solution to safeguard users? Sure, there's security software and other online safeguard mechanisms, but it's not enough. Solutions are needed to identify cyber-criminals, anticipate their actions and respond with a way to stop them.
10. The opportunities are endless
The move to mobile and cloud computing has brought about an endless universe of inviting targets. No computing device connected to the Internet is immune. New opportunities for cyber-criminals to target users are nearly endless. Should they go after us via email, hacked Websites, SMS messaging or malware-tainted apps? How about social networks? Mobile devices and the Web provide an endless array of opportunities for cyber-criminals to hit us. The challenge is for the technology industry to find innovative and broad solutions to the ever-expanding array of cyber-threats.
To read the original eWeek article, click here: Smartphones, Tablets, Android Are Why Malware Is Going Mobile in 2012