Vulnerable Android and the negligence of users

The BYOD concept almost immediately became a source of problems for system administrators who also have relatively recently had to deal with mobile malware of an uncontrollable growing number and

The BYOD concept almost immediately became a source of problems for system administrators who also have relatively recently had to deal with mobile malware of an uncontrollable growing number and diversity.

The situation is further compounded by the still popular mobile operating system Android, which is quite problematic by itself.

99% of mobile malware today is written for Android with the numbers growing, but users are rather sluggish in reacting.

Historically, devices based on this operating system have been developed by multiple companies that have somewhat altered the shell of the OS for Android. Google has just recently started taking measures to counter the fragmentation of the system.

In turn, hardware manufacturers are interested in consumers buying new devices as often as possible, not just updating the firmware, so it is never easy to install new versions of Android on old devices.

According to the table in Wikipedia, as of October 2, 2013, the version 4.1.x led as the most prevalent (36.5%), but the second place was still occupied by old builds of Gingerbread 2.3.3-2.3.7, which had previously led the rating despite their unpatched vulnerabilities and bugs that were fixed in later versions. No wonder users are stubborn: as long as a smartphone or a tablet is operational, no one is going to buy a new one just to turn the version index’s first digit from 2 into 4. And there are not many who would like to think about the details.

We must not forget the large number of unofficial app stores for Android, too, with their degree of controlling “trustworthiness” of applications much lower than Google Play.

What is the result? 99% of malware for mobile devices today is being written for the widely used Android mobile platform. In late June, our analysts counted more than 100,000 malicious modifications of 629 malware families.

Generally, this year witnessed a sharp increase of mobile malware designed, of course, for Android.

How do users react? To put it mildly, they don’t.

According to the findings of the user risks survey by B2B International and Kaspersky Lab, this year 85% of tablet users and 84% of smartphone users own Android devices. Although 13% of users avoid Android for security reasons, and 27% of users have encountered mobile malware.

Nevertheless, only 40% of smartphone users and 42% of tablet users have made sure to enable any security solutions.

88% of tablet users and 96% of smartphone users store critical data on their devices, but only 19% and 17% respectively cared about using encryption to secure the data.

And only 25% of mobile users use any anti-theft means of protection, most likely the pre-installed ones.

The data indicates what administrators should pay attention to when employees bring their mobile devices to work with the intention of using them as practical tools. Even providing basic protection of user devices is a priority just because the users themselves are too often negligent.

Tips