Open source Android a target for cyber criminals

In Common ByRyan Farmer / 11th November 2011

The smartphone revolution was always inevitable if we considered Moore’s law as indisputable fact. To abridge a very fascinating and somewhat complicated branch of philosophy coupled with technological discourse, Moore’s law relates to the idea put forward in 1965 by Gordon Moore, Intel co-founder, that the number of transistors on a chip would double every 24 months.

Simply put, this would result in technological devices being smaller, more intelligent and powerful than their predecessors. So far so good, this could be a near-enough description of how things have panned out nearly 50 years on from that now prescient statement.

With smartphones coming to dominate the lives of everyone from bankers, to social networkers to information security and risk management professionals, these devices, like their cumbersome ancestors, are vulnerable to – or at least victim to – cyber security breaches.

Google’s Android operating system, which is at the forefront of the smartphone market – it’s available on a wide range of devices at competitive prices – is one which is being most visibly targeted. At any given time there are 40,000 infected devices across the globe, which goes some way to show how serious the problem is for Google.

It comes with the territory – Google, though famous for its adage “don’t be evil”, has grown into a huge multinational corporation with a massively diverse portfolio of operations. Many of which are free, many of which are predicated on the idea of collaboration. This is especially the case with Android, which is based on an open source philosophy – which allows people the freedom to modify, change and improve existing programs.

Which leaves it naturally vulnerable to those seeking to use it for far less noble goals – rootkits, Trojans, botnets, you name it; all of this is able to, in some way, immerse itself into the Android operating system. An apt description of this is the commercialisation of mobile malware, meaning smartphones are now prey to malicious and manipulative rogue software like SpyEye.

That’s just a brief introduction to the current state of play in the growing prevalence of cyber security in mobile devices. In the last year alone, 20 per cent of cyber crime in the United Arab Emirates occurred on mobile devices.

With smartphones fast becoming a part of everyday business, adopting risk management procedures to counter this is going to be an important part of the daily rigmarole.

In our next blog, we’ll look at some of the major threats and vulnerabilities on Android devices.

Download the Acumin white paper on Android Security from here: http://www.acumin.co.uk/cm/content/resources/white_papers