Mobile Threats and Protection
Mobile Threats and Protection: Common Threats, Android, iOS, and Windows
With more than 1.2 billion people accessing the web via mobile platforms, the importance of this technology and its ever-growing popularity are undeniable. Unfortunately, as more people move to mobile, cybercriminals are also setting their sights on these platforms to launch their own nefarious attacks.
As mobile use becomes more widespread, the sophistication of attacks meant to steal information, identities and cash is also increasing. Mobile devices such phones, tablets and notebooks simply are not invulnerable and users need to be aware of the potential for malware and other threats.
Since mobile devices vary in their operating platforms (much like the standard Windows-based PC and Macs), cybercriminals often find themselves tailoring their attacks. They, however, have become quite good at breaching the security offered on Android, iOS and Windows-based devices.
Common Threats
NortonLifeLock, the company behind the Norton family of protection products, not only creates tools for combating mobile threats, it also catalogs and analyzes those threats. Based on its analysis, some of the most common threats mobile users face come from malicious code introduced onto mobile devices that is meant to:
- Collect data stored on a device, including sensitive personal information
- Spy on the user and log activity
- Send premium SMS, which means a user is charged for activities he or she did not authorize
- Download malicious files onto a mobile device
- Open back doors into a device that allow attackers to take control
- Track locations
- Modify settings
- Steal media and files
- Track bank account activities – these Trojans are meant to monitor bank transactions and send data, including account numbers and passwords, to the bad guys.
Any mobile device that accesses the Internet via browsers or apps is a subject to attack. Some operating systems, however, have become especially targeted by cybercriminals because of their popularity and the ease with which malware can be downloaded onto the device.
Android Threats
Devices that use the Android OS are quite popular with consumers, which means they're also a favorite for the bad guys. Malware attacks are among the biggest threats Android mobile users face at the moment. The risk of threat has become so high, in fact, the U.S. Federal Bureau of Investigation recently alerted Android users to the potential pitfalls associated with Android's market share and open source architecture.
Androids smartphones and tablets, like any other device that accesses the internet, are subject to infection by Trojans, key loggers and other forms of malware meant to separate users and their personal information. Once obtained, the bad guys use this information to steal identities, drain bank accounts and so on.
Protecting Against Threats
While Android mobile devices are vulnerable to threats, users can protect themselves. It is best to keep the OS updated to the latest version available at all times. It is also wise to run a third-party mobile platform protection application. In addition, Android users should exercise the same cautions recommended for anyone who accesses the Internet:
- Use secure, private connections
- Only share personal information on trusted, secure websites
- Run antivirus and antimalware programs
- Keep all applications updated for security
Apple iOS Threats
While Apple users tend to think of their systems as high-end and high-security, the reality is iPhones and other Apple mobile devices are also targets for the bad guys. Any iOS device can be subject to attack sources of malware and viruses.
On the upside, Apple does stay on top of threats and frequently updates its OS to keep threats at bay. Even so, iPads, iPhones and iPods are still juicy targets for cybercriminals. Apple users can increase their level of protection by:
- Making sure their iOS version is the most up to date
- Exercising standard security protocols when using mobile devices
- Adding a second layer of protection by introducing a third-party protection program onto mobile devices.
Windows Devices
Just like its counterparts, Windows mobile devices are not immune from attacks. These devices are becoming increasingly popular as alternatives to iPhones and Android devices. This is especially so since the introduction of Windows 8 and its easy-to-use app style. Couple this with the relative lower cost of a Windows phone versus an iPhone and it's clear to see why Windows mobile devices are becoming hot prospects for buyers and cybercriminals alike.
Protecting a Windows mobile device involves the same basic measures recommended for other mobile platforms. Updating operating systems, adding a known third-party protection system and basic Internet safety techniques can help put a lock on these devices.
With more people taking their computing on the road with them the risk of attack on mobile devices continues to increase. Consumers who want to protect themselves, their devices and their sensitive data need to be wary of the threats. The best line of defense involves staying on top of OS updates, making sure security measures are in place and exercising caution when using mobile devices for surfing the web. Mobile device security can be strengthened by installing mobile security apps on smartphones and tablets.
- US-CERT: Cyber Threats to Mobile Phones (PDF)
- NIST Special Publication: Guidelines for Managing the Security of Mobile Devices in the Enterprise (PDF)
- eTutorials.org: Security Threats in Wireless Networks
- John Mitchell, Stanford University:Looking Forward: Challenges in Mobile Security (PDF)
- Report to Congressional Committees: Better Implementation of Controls for Mobile Devices Should Be Encouraged (PDF)
- National Institute of Standards and Technology: Security for Wireless Networks and Devices
- Federal Trade Commission: Securing Wireless Networks
- Federal Trade Commission: Mobile Security: Potential Threats and Solutions - Part 1 (video)
- Federal Trade Commission: Mobile Security: Potential Threats and Solutions - Part 2 (video)
- Federal Trade Commission: Mobile Security: Potential Threats and Solutions - Part 3 (video)
- Federal Trade Commission: Mobile Security: Potential Threats and Solutions - Part 4 (video)
- Poole College of Management: Managing Risks of the Mobile Enterprise
- Fei Yu, A survey paper written under the guidance of Prof. Raj Jain: Mobile Device Security
- Northwestern University: Evaluating Android Anti-malware against Transformation Attacks (PDF)
- UCLA Information Security Office: Guidelines for Securing Mobile Devices
- SANS™ Institute: Securing Your Mobile Devices
- Marshall University: Mobile Security
- GNU.org: Malware in Mobile Devices
- USC Information technology Services: Keeping Your Mobile Devices Secure