Android is the new Windows

Do you recall the early virus attacks in the early 2000s? “Blaster”, “I love you” and “Slammer” were attacking the pretty much unprotected Microsoft Windows operating system.

 

While Microsoft has been hit hard in the past, they have tried to improve and are now on a par with other software vendors. Today, they can even be happy that Android is taking over the baton - at least on mobile platforms.

According to the Sophos 2013 Security Threat Report “Android [is] today’s the biggest target” and Android devices in Australia and the U.S. experienced even more malware attacks, whether successful or unsuccessful, than PCs during the past three months. The Kaspersky security company recently added that 99% of all mobile threats target Android. Lucky you if you use an iPhone, or a good old Nokia with no Internet connectivity at all.

But why is that? It is partly down to the same factor that affected Microsoft in the past: market share. More than 50% of all mobile devices run the Android operating system. In addition, the Android app market is heterogeneous and uncontrolled – the complete opposite of Apple's central iTunes app store. This heterogeneity makes it easy for attackers to publish and distribute their malicious apps. However, one of the main reasons, according to Katja Locker of SWITCHcert, is that only 10% of all devices are running the newest version of Android called “Jelly Bean”. “Gingerbread”, which is two years old, still powers over 47% of all devices. She quotes IT expert Michael Kroker saying that this isn’t the users’ fault though – over the past 24 months, Google has “failed to hold manufacturers and providers accountable and get them to convince their customers to update.” In comparison, Apple’s iOS6 had a 60% conversion rate just one month after release.

So how can you improve? Obviously, running or updating to the latest version of Android (“Jelly Bean”, version 4.2) helps. If you can’t do that, be careful when installing apps. Only download apps from a location or store that you trust. Beware of malicious URLs and QR codes (see our Bulletin article “One photo to rule you phone”) – STOP, THINK, CLICK can also help you here. Finally, you might want to consider installing dedicated anti-malware detection apps like those offered by Avast or ESET.

For further information, questions or help, please check our website or contact us at Computer.Security@cern.ch.

Access the entire collection of Computer Security articles here.

by Computer Security Team