FACTS AND SITES. MARTÍ CRESPO
marti.crespo@partal.cat
Attacking moving targets
With the recent growth of the mobile sector, there are some 4,500 new cyber threats to Android devices every day but most attacks are still against PCs
'Each year, malware against Android increases exponentially'
'We need to make clients aware that they need to be responsible'
Malware on computers has been around for years, but cybercriminals have begun targeting mobile phones. In fact, today's phones are really just pocket computers on which is stored a good part of our lives, including sensitive personal data. As a result, security companies increasingly offer solutions to protect the data on our phones from attack: “However, users are not aware enough,” says Josep Albors, a laboratory head at Eset, a multinational leader in internet and software security.
“Each year, the amount of malware targeted at Android increases exponentially. Last year, in our laboratories, we identified millions of unique examples,” adds the security expert.
Another information security company, GData, estimates that 4,500 new security threats against Android appear daily. The number seems inflated, but it is small compared with the volume of threats against PCs.
“What we are seeing is threats are constantly modified, which makes it important to use maximum protection, as the attacks come from many places, whether through Bluetooth, classic email or a Whatsapp message. Apart from the typical viruses that subscribe you to pay services without you knowing it, at Eset we discovered one for Android that disabled the device, kidnapping the information, encrypting it with a password and then demanding a ransom to release the data,” says Albors.
This shows how the majority of attacks against mobiles are targeted at Google's mobile operating system: “Android is the platform that is attacked the most, but that does not mean it is the most vulnerable. There are attacks against all the operating systems: Windows, IOS, Mac, Linux. Is Android easier to attack than the others? Not necessarily, but as it is the most popular operating system, it is a juicy target for attackers. And now that it is also used in TVs and other devices, it is even more true,” says Albors, who adds: “If we compare it with the situation in the domestic PC market, Windows has 90% of the market share, meaning that is where hackers will go because they know it will give them the maximum return on their investment. Something similar happens with Android. In Spain, for example, it accounts for 85% of mobile sales.”
What is also true is that some app stores apply more controls and restrictions than others when accepting software. In this sense, Apple is top: “When you use an IOS app, you know it is in a controlled environment, something not always the case with Android. One app could interfere with others and steal private data, such as user accounts or passwords,” says the expert.
As a result, one of the most important things is to know what we are downloading, to do so from secure places and to carefully read the app requests: “We know that an app can never be 100% secure, but an app taken from Google Play will always be more trustworthy than one taken from an alternative market in China, which offer pay apps for free,” says Albors.
Eset has labs all over the world and Albor's is in Ontinyent, analysing example attacks provided by clients: “An excellent product is not enough,” he says. “We also need to make customers aware that they need to be responsible and not click strange links or download suspicious attachments. It is like a house: no matter how many alarms you have, you still lock the door.”
Most of Eset's efforts are directed at threats to PCs, because the volume of attacks in this area is so much higher than those against mobiles. However, the company knows that in the future it may have to deal with a whole host of products, from televisions to cars: “Almost everything can already be connected to the Internet. At home, we are starting to see televisions with online access, for example. What we must keep clear is that if we want to use online banking services, it is better to do so from a protected device, such as a computer, rather than a television, which is set up for audiovisual material,” says Albors.
Another problem security experts have to deal with is obsolescence: “There are devices or operating systems for which there is no longer any technical support because they are considered old, but there might still be millions of users using them. We also have to avoid threats in these cases,” says Albors.
What is clear is that what motivates hackers is getting maximum profit from attacks: “The main objective of a cybercriminal is monetising their threats. And if it is not an attractive economic proposition, then they are not interested. Threats are bound up with the mass use of devices. Before, when all of this began, hacking had a romantic or creative side. Today, all they are looking for is money and anonymity,” he says.
Competition between hackers and security firms is set to continue: “As long as the interested parties can make a profit, this will not end,” concludes Albors.
The small town of Passa [www.passa.fr] in the Pyrénées-Orientales department in southern France has been in the news in recent months after the mayor, Patrick Bellegarde, dedicated a new avenue in the town to the legendary US guitarist, Jimi Hendrix (1942-1970). At the beginning of July, to coincide with the long-established summer festival, Jazzèbre [www.jazzebre.com/la-saison/jazzapassa], the avenue was officially inaugurated in the presence of the idol's younger sister, Janie Hendrix, who is in charge of the company, Jimi Hendrix Experience [www.experiencehendrixtour.com].
A big Hendrix fan, Bellegarde had the idea of calling a street after his hero in a newly-built residential area. In the same area, which is home to little over 800 inhabitants, there are now plans to christen the rest of the streets with the names of musicians, such as Jordi Barre [ca.wikipedia.org/wiki/Jordi_Barre], Lluís Llach [www.lluisllach.cat] and Pascal Comelade [www.pascal-comelade.fr], who took part in the avenue's naming event.
In an interview with the radio station, France Bleu Roussillon, Bellegarde said [goo.gl/GY1BR7] he made the decision “in order to step a little outside normality and because it will be good for Passa”: “Canigó is just in the background, it is fabulous! It is a holy mountain and a symbol of Catalan identity. Associating someone who was like a fleeting musical star with this landscape is a good thing,” he said. In the same interview, the mayor also said that the new street would have no number 27, that age at which Hendrix [www.jimihendrix.com] died in 1970.