Looks like we have more and more malicious apps with which to deal. A new report published by Broomfield-based Webroot details the rise in potentially threatening mobile applications.
This should serve as a wakeup call for businesses. The report indicates that as employees continue to use their own devices and personal applications for work purposes, more threats are introduced into the workplace, putting company networks at risk.
The BYOD – bring your own device – concept might help cut down on overhead, but it likely will lead to mighty tech headaches.
The Webroot Threat Research team analyzed more than 5.9 million mobile apps and 31,000 infections, and concluded that the increased risk is caused by malicious apps, including those that require rooting the device, send premium text messages, and collect all available data. "Rooting" is the term widely used among computer and cellphone techs to refer to the process by which one gains access to the administrative commands and functions of an operating system.
The report stresses the importance of downloading apps from reputable sources such as Google Play and iTunes. Many third-party app markets do not apply strict security standards and can unknowingly host malicious files, the report said.
"Consumers are very trusting of mobile applications such as Facebook, Twitter and Angry Birds — they are apps they know and have used for some time," said Grayson Milbourne, security intelligence director at Webroot. "However, it's the thousands of unverified apps, often found on third-party markets or peer-to-peer networks that put users at risk.
"Poor app choices can lead to the compromise of an entire corporate network. The need to secure mobile devices will continue to grow as the discovery of new exploits and malicious apps increase — all driven by a clear focus on mobile platforms within the cybercrime community."
But the platform on which apps run seems to have some significance. The report said the platform for Android may pose a greater security threat than Apple's iOS platform for its iPhones.
The data indicated a nearly 4X increase in the volume of potentially threatening apps for Android in 2013 — 384 percent increase in total threats to Android devices, and 42 percent of applications for Android analyzed were classified as malicious, unwanted, or suspicious.
Webroot estimates an average smartphone user downloads more than 100 apps for a variety of different services. So if you have to download apps, and why wouldn't you? Webroot suggests the following precautions.
• Install applications only from trusted sources, including but not limited to Google Play and iTunes.
• Pay close attention to permission requests from new app installations. Err on the side of caution.
• Both corporate-owned and personal devices should use lock screens. Eight-digit PINS are much better than swipe locks of four-digit pins.
• And, use a mobile-device security app to protect against malicious apps and Web threats.
Doug Storum can be reached at 303-630-1959 or email firstname.lastname@example.org.