The Upsurge Of Mobile Malware's on
Android
An IT Wire story published on the 8th of September is
suggesting that Android may be becoming the target of choice for malware
authors over Windows.
There is a lot of ways that you can parse the meaning of
the data cited in the IT Wire story, with some reasonable and some unreasonable
conclusions being drawn by commentators on social media.
It’s long been hypothesized that the reason that malware
infections on Windows were more prevalent than on other platforms was due to
the greater market share of the Windows OS. I suspect that this theory is being
borne out. The rise in market share of Android has been accompanied by a rise
in the amount of malware targeting the platform. As more and more people use
Android devices, malware authors are going to spend more time coming up with
ingenious ways of exploiting the platform.
Microsoft had to go back to the drawing board after the
release of Windows XP to start to stem the flood of malware. It took rebuilding
Windows from the ground up, which impacted many existing applications, to
develop a newer, more hardened, version of Windows. It’s likely that Android
will similarly need to be rebuilt form the ground up (with all the fun that
brings to existing application compatibility (just look at Vista) to similarly
stem what appears to be an increasing tide of nefarious software targeting the
platform. Part of the reason that malware is becoming more prevalent is the
rise in use of the platform, part of it is due to vulnerabilities inherent in
the platform. All platforms have inherent vulnerabilities, more so if they
aren’t built from the ground up with security in mind.
In terms of managing things from the Enterprise
perspective. Organizations came up with strategies to deal with malware on
computers. However, for many organizations, Endpoint Protection considerations
don’t include anything beyond client computers. This is going to need to change
as mobile devices, including those running the Android OS, are increasingly
going to be used to access sensitive internal organizational resources. A
future Endpoint Protection strategy needs to pay as much attention to mobile
malware as it does traditional desktop malware.
They need to do this because people are increasingly
using mobile devices to perform critical job functions. And organizations need
to find some way to allow a class of device that’s increasingly susceptible to
malware infection to access to sensitive resources in a way that doesn’t
compromise those resources.
In the past few years we’ve seen a swing away from
security towards convenience when it comes to providing resource access to
mobile devices. If the rate of malware growth on mobile platforms increases,
it’s likely that we’ll see a swing back towards restricting access so that it
is only granted to trusted devices.
Until we get anti-malware on mobile right, that’s going
to be quite a mountain to climb.
No comments:
Post a Comment