Mobile: Behind the headlines

Share this article:
Mobile: Behind the headlines
Mobile: Behind the headlines
Headlines that push spurious information – like, “600 percent growth in mobile malware” – are not useful. The stories often do not provide sufficient context in order for readers to understand the true threat. People reading these headlines understandably might feel fear and doubt about their mobile devices.

To what does “600 percent growth” refer? Unfortunately, we are still living in a time that measures malware growth by the number of unique signatures. Modern malware is typically polymorphic in nature.

In other words, it is advantageous for the attacker to make each infection digitally unique. Desktop anti-virus companies have mostly divorced themselves from this measurement of unique signatures because of its loss of meaning. Tech journalism has kept it in their vocabulary for mobile devices because it helps them write sensational headlines.

It's more useful to measure the rate of change of malware capabilities. Has mobile malware changed through time as dramatically as the headlines might imply?

Android suffers from SMS malware, which sends fraudulent text messages to premium numbers. SMS redirection malware steals one-time passcodes for banking fraud. These are examples of regionally focused malware that exploit Android's app access to SMS and the platform's option to sideload apps outside of Google Play. Before Android 4.3, the ability for a user to lock down app access to pictures, contacts and other shared objects has meant that malware has targeted those things too.

Apple's iOS platform has had very few malware examples outside of those created by researchers like Charlie Miller, ultimately for benign purposes.

In comparison, one could write about the variations of desktop malware and fill pages with relevant content. The architecture of mobile operating systems is different than desktop. Knowing this should help mobile device users continue to use them –  and without the feeling of dread that headlines imply.
Share this article:

Sign up to our newsletters

More in Opinions

Unfair competition: Proactive preemption can save you from litigation

Unfair competition: Proactive preemption can save you ...

With each job change, the risk that the new hire will bring confidential information or trade secrets with him or her to the new company grows.

Hackers only need to get it right once, we need to get it right every time

Hackers only need to get it right once, ...

Hackers only need to find one weak point to steal valuable information. On the flip side, security pros need to account for every possible scenario.

Successful strategies for continuous response

Successful strategies for continuous response

While it isn't realistic for organizations to expect that it will never happen to them, a rapid, professional and continuous response can limit their scope and reputational impact.