IBM research forecasts surge in mobile device exploits
IBM's X-Force research arm has released a new report that forecasts mobile device exploits to double from 2010 to 2011.
IBM found that while the number of known mobile operating system vulnerabilities appears set to increase just slightly from 2010 to 2011, the number of mobile device exploits leveraging those vulnerabilities will surge. The number of mobile device exploits increased by 400 percent from mid-2009 to mid-2010, and that number is expected to double from 2010 to 2011.
"For years, observers have been wondering when malware would become a real problem for the latest generation of mobile devices," said Tom Cross, manager of threat intelligence and strategy for IBM X-Force, in a statement. "It appears that the wait is over."
Of the 24 mobile operating system vulnerabilities seen in the first half of 2011, half have pertained to easy-to-exploit vulnerabilities that can lead to arbitrary code execution on the targeted device.
"Almost all of these vulnerabilities represent client software remote code execution vulnerabilities that are exploitable by malicious Web servers through the browser or the browser environment," said IBM's report. "These vulnerabilities directly fit the drive-by-download approach of attracting victims to malicious websites that has been the pattern of a great deal of attack activity in the past few years."
IBM advises that users consider mobile security tools and using reputable application stores "such as the official Google Market or Amazon's Android application market."
Since malware does sometimes finds its way into these application markets--thanks to the fact that Google has an open policy--users should be aware of the type of access that applications request. For instance, "a game should not require GPS or SMS access," said IBM. Users should also stay away from free copies of paid-for applications.
For more:
- see this InformationWeek article
Related Articles:
What to watch for in mobile security
Report: Mobile malware surges 273 percent in first half of 2011
McAfee's new tools for mobile security
Comments