The prevalence of Android devices, with over 100 million shipped in the second quarter of 2012 and comprising 52.2 percent of the smartphone market in the United States as of September, has made them the number biggest malware target according to a new report by a security vendor. With the growth of the BYOD (bring your own device) trend, this news should inspire IT managers at midsize businesses to review their security policies with regard to the ubiquitous devices.
More Attacks, Better Sophistication
In their “Security Threat Report 2013,” Sophos states that attacks against Android devices are increasing rapidly, outpacing attacks on PCs in both the U.S. and Australia. While most attacks until present have been rather simple, the sophistication of exploits is also increasing, enabling hackers to bypass anti-malware programs that have caught on to the old tricks.
As an example, the report details that some Android users have installed versions of popular games such as “Angry Birds Space” which play just like the real game. Unbeknownst to the user, however, the software gains root access and installs Trojans, which can download further malicious code and make the device controllable by a black hat.
Another exploit forwards SMS messages from a compromised device to another device, which can be used to defeat the two-factor authentication scheme used by many financial institutions to protect against fraud. This opens up the potential for a hacker to initiate a large transfer of funds after having gotten hold of a user’s bank login information (not too hard to do these days), and then capture the authentication code delivered via text message in order to validate the transaction with the bank.
Complicating matters is that some Android users choose to purposely root their phones in order to access more software or remove restrictions, leaving these devices even more vulnerable to exploits, as rooted phones allow applications to make changes at the administrator level.
Android and the Enterprise
For IT managers at midsize businesses, Android devices clearly warrant some special attention. Fortunately, the damage to enterprise users has been minimal to date, but this may not hold true in the near future.
Sophos has some recommendations for minimizing the risk of Android malware affecting an enterprise. These include: make sure Android devices are covered in written acceptable use and security documents; opt for full encryption, including removable media; forbid rooted devices; establish protocols for automatically patching devices; set limits on which kind of apps can be installed by users and the permissions granted and implement an MDM (mobile device management) solution.
Android smartphones and tablets can be wonderful productivity tools in the enterprise for midsize businesses — as long as steps are taken to lock them down against cybercriminals who would love a chance to hack the biggest malware target.