As Android security threats rise, a new report highlights what could be an effective way to stop most attacks.
While all mobile platforms can be vulnerable to security problems, most attacks currently target Android devices. After all, that’s the most widely used mobile operating system.
Android virus attacks are becoming so widespread that one report predicted that by the end of 2013, 18.4 million Android devices — or 1% of all Android phones and tablets around the world — will be infected with malware.
The most common type of attack: premium rate SMS fraud.
More than three-quarters (77%) of Android security threats are malicious apps that send text messages to premium rate number, adding charges to victims’ phone bills and lining the pockets of the hackers, according to a recent report from Juniper Networks.
Often, those viruses are spread by being bundled with other applications. And some cyber criminals have even managed to get their malware into the official Google Play app store.
But there is good news: Those attacks could be blocked by upgrading a device’s operating system.
New security features
Android 4.2, the latest version of the OS, contains a feature that detects attempts to send messages to special numbers and asks the user to confirm. Assuming the user declines, that would stop the common type of attack.
Keeping the software up to date would likely stop several other attacks as well, since other vulnerabilities have likely been patched.
However, just 4% of Android devices are running version 4.2.
That’s mostly because of fragmentation in the Android market. Different manufacturers and mobile carriers release their own versions of phones and tablets, so the releases of updates are subject to long delays — and many older devices stop receiving updates altogether.
What it means for companies: It may be worth including a clause in the BYOD policy requiring all devices to be running the most up-to-date version of its software possible.
And companies that don’t allow Android devices in the office may want to see if they can make an exception for phones and tablets running Android 4.2 and later.