Mobile has become the new playground for cybercrime, and so far, malware is having a field day. The migration of traditional PC-based threats, such as Trojans, spyware and spam, to the mobile platform is not surprising. The popularization of mobile operating systems such as Android, and the general lack of public awareness, has enabled malware to multiply exponentially over the past year.
Cybercriminals view mobile as another lucrative platform to exploit. And they are not the only ones. Mobile is attracting shady and unscrupulous parties employing any number of dubious practices: intrusive advertising, unauthorized data collection, government surveillance and corporate espionage.
The problem is that end-users do not view smartphones and tablets as posing any serious security risks. At best, they see the loss or theft of a device as an inconvenience or financial set-back. Organizations are slightly more conscious of the dangers but mostly think in terms of protecting corporate information and avoiding serious data breach.
Mobile devices however, need to be considered in a much broader light. Capable of a great number of functions, they are susceptible to similar threats as their desktop counterparts: phishing scams, ID theft, financial fraud, takeover by a botnet and infection by other crimeware. As mobile devices evolve and become more sophisticated, so will mobile threats. End-users need to start paying more attention now to how they use their phones and what they are installing on them.
There are a ton of mobile security solutions on the market, from simple anti-theft and antivirus apps to more inclusive mobile management services. The mobile security market has become serious business, and competition is set to heat up in the coming year. These issues are discussed in further detail in our recently published Analysis on mobile application security. Further discussion on whether organizations need mobile security can be read in our Insight.