x Abu Dhabi, UAESunday 23 July 2017

Cyber attacks target smartphones

Cyber attacks on smartphones and tablets are expected to surge next year, with certain devices more likely to come under siege.

Trend Micro warns that mobile phones that use the Android operating system are likely to suffer from more cyber-criminal attacks. Bloomberg
Trend Micro warns that mobile phones that use the Android operating system are likely to suffer from more cyber-criminal attacks. Bloomberg

Owners of smartphones and other mobile devices should scrutinise their gadgets for viruses next year, as they come under increased attack from cyber criminals, experts warn.

"In the Middle East, especially, the mobile usage is pretty high and people have more than one most of the time," said Bulent Teksoz, the chief security strategist for emerging markets at Symantec, the online security firm.

"But the level of security on smartphones is nowhere near an acceptable level. We'll see [attacks] increase more and more next year."

While a survey conducted by Symantec has found that more than half of UAE residents run antivirus software on their desktop and laptop computers, very few think about protecting their smartphones. And many who own one use the device to check their emails frequently.

One in nearly every 328 emails in November was identified as malicious, which was up from about one in every 433 emails in October, according to data from Symantec.

The growing popularity of mobile-based software applications - or apps, as they are commonly called - is another major reason phones are expected to be targeted more often next year.

Apple announced this month that its online store now featured more than 500,000 apps, which customers are downloading at a rate of more than 1 billion a month.

Yet mobile phones that run Google's Android operating system, in particular, "will suffer from more cyber criminal attacks", warns Trend Micro, a cyber security firm that recently released a report outlining predictions for attacks in the new year.

A new threat, which Symantec dubs "Android.Arspam", emerged during the Arab Spring on the Android Market this year when it was embedded into a pirated, popular Islamic app, then distributed through online forums that focused on Middle Eastern issues. The official version of the app is not affected but looks remarkably similar.

"The Arab Spring is just one of many trending topics that are attracting a higher volume of online traffic which is essentially where the low-hanging fruits lie," Mr Teksoz said.

More than 10 billion apps have been downloaded from the Android Market so far, Google announced earlier this month.

Experts say the Android platform has become a favourite target among hackers because of its app distribution model, which makes it completely open to all outside parties and prone to more attacks. "We believe this will continue in 2012 although other platforms will also come under fire," Trend Micro warns.

Criminals are expected to release more malicious apps next year, and go after legitimate ones as well, by finding vulnerabilities or coding errors that could help them obtain personal data or unleash viruses upon victims.

"Compounding this further is the fact that very few app developers have a mature vulnerability handling and remediation process, which means the window of exposure for these flaws may be longer," according to Trend Micro's report.

Other mobile devices such as tablets are also of "major concern", said Mr Teksoz. He said slate computers, which include Apple's iPad and Samsung's Galaxy Tab, fly under the radar of IT experts in the workplace and often hold sensitive corporate data.

Some employees then steal highly confidential intellectual property using these devices.

Others have become victims of cyber attacks on these mobile devices, after rival companies used digital espionage to acquire proprietary information. In the past, these kinds of attacks tended to occur on desktops or laptop computers.

"Will we see more digital espionage spilling over to tablet devices and mobile phones? Yes," Mr Teksoz said. "As long as they contain confidential information, which we know they do, and are not as protected they are the weakest link in the whole security cycle."

nparmar@thenational.ae

twitter: Follow our breaking business news and retweet to your followers. Follow us