As more and more people began using mobile phones that offer increased capabilities, it was inevitable that hackers would begin focusing their efforts on causing problems for them. The malware “industry” took off slowly at first, as did the smartphone market, but once the number of users began to skyrocket, so too did the attempts to deliver malicious code to the devices.
Our mobile phones are run by actual operating systems, somewhat simpler, but not altogether unlike the operating systems in our computers and tablets. As with our other devices, the threat of malware is different for each operating system. The approach the developers and users must take to protect the different phones is, therefore, quite unique.
Apple products are safer, but not completely safe
The hardware, code, and apps for Apple’s iPhones and iPads are tightly controlled by Apple, which makes the development and distribution of malware more difficult than for mobile phones that run Google’s Android or Microsoft’s Windows Mobile operating systems. Since Apple’s operating systems are Unix-based, they are less susceptible to malicious code. As of this writing, there have been no viruses detected in the wild with the capability of attacking Apple’s OSX, but the threat posed by other forms of malicious code, such as Triojan horses and malware, warrant caution. And recent events, such as the hacking of iCloud, and earlier problems such as last year’s Find My Phone scam, should be viewed as harbingers of potential future threats.
Android is a wide-open field for malicious code
The Android platform is essentially open source, with code that is available to all developers. Unlike Apple, the hardware upon which the Android devices run is designed independently of the software developers’ efforts, which leaves the finished product more prone to operational and security flaws than the more rigidly controlled Apple devices. The result is that the Android devices are inherently more flexible and user-customisable, but also more vulnerable to attack, such as the dreaded Stagefright exploit, which can take over a user’s Android mobile phone without the user knowing it or even opening the infected text message.
Windows phones are, well… Windows
Microsoft has long followed the policy of providing all things to all people, offering feature-rich operating systems and software. The downside of this policy is that some of the features and functions in their OS and application software hit their huge slice of the PC market with functional bugs and/or security flaws. Since the company is rather late to the smartphone game, their market segment as well as their feature set and function lag somewhat behind the offerings of the other major players. Whether the phones will suffer the same kind of attacks as the company’s PC software is yet to be seen, but as their mobile offerings mature and increase their market share, the efforts to develop and distribute malicious code will no doubt increase.
Defending your mobile phone
– Use caution – Obviously, your first line of defense is your own common sense. Downloading apps and accepting emails and text messages only from trusted sources (itunes for Apple, GooglePlay for Android, and the Windows Phone App Store for Windows phones) goes a long way toward protecting you from malicious code. Avoiding public charging stations is another wise choice, since you have no way of knowing whether such stations are constructed in a way that allows them to access your personal data during the charging process.
– Be conservative with security and privacy settings – Especially on an Android phone, disable the automatic download of messages and multimedia content such as videos, songs, and even pictures. Avoiding the use of public Wifi hotspots is advised, as well. While it is tempting to use your favorite coffee shop or fast food restaurant’s bandwidth to check your email or surf the web, you can’t be certain that someone else on the hotspot isn’t searching for vulnerable phones and grabbing personal data from them.
– Install antivirus and anti-malware apps – Users of Android phones in particular are wise to install a good antivirus app and ensure that its virus definitions are kept up to date. There are numerous such apps available, and the good news is that some of the best are offered free of charge.
At least for the present, following these simple steps will keep your phone reasonably safe. Stay apprised of new threats as they arise, keep your antivirus and anti-malware up to date, and remember that the hackers greatly outnumber the security developers.
