MWC 2013 Mobile Security: Key Points

mobile world congressSecurity was a big theme at this year’s Mobile World Congress in Barcelona. Every major name was in attendance, touting their latest innovations for smartphones and tablets. But aside from promoting their products there were some very interesting points being made about the current state of mobile security around the world.

Users don’t understand mobile security

This was one point made over and over by everyone we spoke to: a lack of awareness is allowing mobile viruses to propagate and opening users up to dangerous security breaches.

It took years for computer owners to understand that they needed to have anti-virus and that you shouldn’t just go clicking every attachment found in an email, and unfortunately mobile security right now is in the same state as PCs in the mid-90s.

It’s no secret that the majority of mobile phone users also connect their devices to their home wireless networks. For example provided someone has an ISP like Eatel internet, it’s far more cost effective and convenient to use WiFi for texts and calls. This does however open up devices to certain vulnerabilities which is why it’s so important to use a reputable provider.

Too many people are surprised to discover that anti-virus is even a possibility on a mobile phone, and users will blindly trust apps without taking the time to check permissions. Many don’t even have a PIN code or password protecting their phone – Norton Antivirus thinks this could be around 35% of users, but McAfee estimates it might be as high as 50%.

Security companies are trying to educate (of course, they want to sell software) but manufacturers could do a lot more to raise awareness.

Android is the most popular target for viruses

Android is, unfortunately, the mobile platform most under threat from viruses and hackers. There are two main reasons for this. Android is, unfortunately, the mobile platform most under threat from viruses and hacking. Even apps themselves are under threat from would-be hackers. This is why developers should consider penetration testing cost to ensure that the vulnerabilities in their applications have been identified so that they can be addressed.

First is popularity. Last year alone 144 million Android-powered devices were sold all over the world (compared to 43 million iPhones). That’s a huge, tempting target for nefarious types who want to create the biggest impact. And with so many of these Android phones being sold in developing countries or to kids and smartphone newcomers, the victims are more likely to fall prey to their tricks.

Secondly, Android is a much easier target. It’s not that it has a significantly higher number of exploits than other platforms, but its focus on openness and freedom means virus writers have other options for getting their malware onto an Android phone. Which leads to our next point…

images

Piracy and unofficial app stores pose a huge threat

These are two of the major avenues for distributing Android viruses.

By default an Android device will not allow you to install software from somewhere other than an official source, however this is simply an option in the settings menu. Disable that and you can ‘sideload’ by copying .APK installations to the device memory.

That’s why Android piracy is such an issue, but it doesn’t just pose a problem for developers having their hard work used for free – virus writers like to attach their code to pirated apps then send them out into the wild where they’ll be available on forums, file sharing networks and even pirate app stores. Users just think they’re getting something for free, not realising that there’s an unpleasant surprise hiding in the background.

App stores are another trouble spot. Google Play is the standard app store but there is nothing stopping third parties setting up their own, which is often what happens in places such as India and China where they do not fulfil the requirements for carrying Google Play.

Unfortunately these sources are often poorly curated so it’s very easy for viruses to slip in and end up on the phones and tablets of unwitting users who think they can trust the outlet.

Now this isn’t to say that viruses never appear on the iPhone, but with nothing other than the Apple App Store (and no way to install software) on unmodified iPhones this is not the issue it is with Android.

Author Bio: Matt Powell is the editor for the broadband, smartphone and tablet information site Broadband Genie. You can follow him on Twitter @broadbandgenie