The Android Strain


As in Michael Crichton's best-selling novel The Andromeda Strain, an epidemic is raging on planet Earth. This time, the problem is not a microorganism attacking the bloodstream, but malicious software attacking corporate networks.

OK, I admit the intro is a bit melodramatic, but the implications for enterprises are quite serious. As two recent studies found, Android malware infections are rising rapidly (see related article).

Fortinet's (NASDAQ: FTNT) FortiGuard Labs found a 30 percent increase in mobile malware in the first half of 2013, with more than 1,300 new samples appearing every day, mostly Android malware. In fact, the lab is tracking over 250,000 unique Android malware samples.

Trend Micro found that the number of Android malware apps increased to 750,000 in the second quarter, up from 509,000 in the first quarter. About one-quarter of that Android malware is designed to steal data.

Other reports released this year have had similar results. Research by F-Secure found that Android was targeted by 91 percent of new mobile threat families, the number of which increased by 49 percent in the first quarter of 2013, compared with the previous quarter.

In addition, F-Secure found the first Android threat distribution outside of apps through email spam, the first targeted Android attacks, and the first Android advance-fee fraud scam.

If that isn't enough, Infonetics Research estimated that one million high-risk Android apps would be introduced into enterprises in 2013. And Sophos found that Android malware threats exceed the threats to PCs, the traditional target of attackers.

"Android malware can place a company's future at risk by exposing strategic information or stealing passwords," Sophos cautioned in its Security Threat Report 2013.

What does all this Android malware mean for IT professionals? Well, employees toting infected Android devices can infect corporate networks when the devices access the network. Once on the network, malware can steal confidential data and passwords or disrupt the network's functions. And the malware can go undetected for months, if not years.

What's the solution? Banning all Android devices from the enterprise is not an option, given Android's dominance of the smartphone market. IT professionals should consider deploying mobile device management software and secure containers, as well as requiring employees to install anti-virus software on their devices if they are being used at work. Regular network scans for malware would be a good idea. Training employees on how to avoid downloading malware is also a positive step.

There is no silver bullet for the Android malware problem. An atomic bomb à la The Andromeda Strain is probably not advisable, and hoping the malware mutates into a benign form will not work. Only constant vigilance, clear BYOD policies, and appropriate technology will keep enterprises safe from the Android Strain. - Fred