Android malware devlopment now mimics commercial software, claims Juniper

Discovers malware peak around Christmas

The creation of Android malware is now mature enough for there to be development cycles that mimic those of the legitimate software world, a report from Juniper Networks has concluded.

According to the firm's annual survey of the field (reg required), the 'high' season for new mobile malware during 2012 ran between roughly November and February, with a marked drop-off in volume over the late spring and summer.

The firm admits that they can only guess why this happened but believe it could be connected to a 'productization' of the malware market as criminals targeted new devices sold during the peak Christmas season.

Overall malware volume went from 39,000 malware samples in Q1 2012 to 276,000 in the same quarter of 2013, a daunting rise in numbers even if still small compared to the levels of activity affecting Windows desktops.

One important consolation is that mobile malware is considerably less sophisticated than Windows equivalents with nine out of ten malware samples falling into only two attack methods, premium SMS fraud (which includes fake Trojan apps) and data theft.

The overwhelming majority of these threats come from third-party app stores, of which there are around 500 globally, three fifths aimed at Chinese and Russian consumers; the US hosts 76. Almost all are Android-oriented although the several million jailbroken iOS phones also put themselves at a smaller risk by relying on non-Apple channels for apps.

Juniper said it believed that Android was now well on its way to reproducing the monoculture of Windows, with knock-on consequences for security.

Google's ability to defend its platform was made more difficult by the fragmentation that marked the OS's early commercial development. Eight out of ten threats could be neutralised by more regular updates, something Google is undoubtedly aware of; only 4 percent of Android devices currently run the latest version of the OS, Juniper said.

The boom in mobile malware hinted at the ease with which criminal organisations could attract programming talent, the firm said. This contrasted with the difficulty businesses had in the hiring the parallel cybersecurity talent needed to fight back.

"While the UK is struggling to nurture talent to fill the cyber-security skills gap, the black market is booming with mobile malware developers," argued Juniper's UK and Ireland vice president, Mark Quartermaine.

"As these attacks become more and more multi-faceted, organisations need to recruit the right talent and deploy intelligent security solutions to ensure they have robust protection against next-generation threats," he said.

It's not clear that the two talent pools are necessarily the same, especially in the UK, but that doesn't mean pay and conditions don't play a part in some countries.

"If you're a newly qualified computer science graduate, the perception that jobs are hard to come by combined with the stuffy image corporate environments are lumbered with can make it an unappealing career prospect," suggested Oliver Crofton, ethical hacker and co-founder, Vigilante Bespoke.

"Compare that with writing some malicious code from the comfort of your own bedroom, high tax-free earnings, hours you can pick and choose, and the likelihood of going to prison almost zero; it's no wonder cybercrime is booming."

Join the CSO newsletter!

Error: Please check your email address.

Tags Mobile &ampPersonal TechNetworkingsecuritywirelessjuniper networks

More about AppleGoogleJuniperJuniperVigilante

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place