Mobile: Behind the headlines

Share this article:
Mobile: Behind the headlines
Mobile: Behind the headlines
Headlines that push spurious information – like, “600 percent growth in mobile malware” – are not useful. The stories often do not provide sufficient context in order for readers to understand the true threat. People reading these headlines understandably might feel fear and doubt about their mobile devices.

To what does “600 percent growth” refer? Unfortunately, we are still living in a time that measures malware growth by the number of unique signatures. Modern malware is typically polymorphic in nature.

In other words, it is advantageous for the attacker to make each infection digitally unique. Desktop anti-virus companies have mostly divorced themselves from this measurement of unique signatures because of its loss of meaning. Tech journalism has kept it in their vocabulary for mobile devices because it helps them write sensational headlines.

It's more useful to measure the rate of change of malware capabilities. Has mobile malware changed through time as dramatically as the headlines might imply?

Android suffers from SMS malware, which sends fraudulent text messages to premium numbers. SMS redirection malware steals one-time passcodes for banking fraud. These are examples of regionally focused malware that exploit Android's app access to SMS and the platform's option to sideload apps outside of Google Play. Before Android 4.3, the ability for a user to lock down app access to pictures, contacts and other shared objects has meant that malware has targeted those things too.

Apple's iOS platform has had very few malware examples outside of those created by researchers like Charlie Miller, ultimately for benign purposes.

In comparison, one could write about the variations of desktop malware and fill pages with relevant content. The architecture of mobile operating systems is different than desktop. Knowing this should help mobile device users continue to use them –  and without the feeling of dread that headlines imply.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in Opinions

Heartbleed, Shellshock and POODLE: The sky is not falling

Heartbleed, Shellshock and POODLE: The sky is not ...

While it may seem like 2014 is the year of the vulnerability, in reality, this year has not been much different than years past.

Technology alone isn't going to secure IoT connected devices

Technology alone isn't going to secure IoT connected ...

It's clear that vulnerabilities continue to exist, despite our best efforts to combat them. In fact, we have addressed many of the same problems before.

DDoS is the new spam...and it's everyone's problem now

DDoS is the new spam...and it's everyone's problem ...

As new solutions emerge, it's critical for organizations to protect themselves by being informed, aware, and acting whenever possible. Those that don't take action are playing a very dangerous game.