Android Threats Real for Fire, Police

Wednesday, August 28, 2013 @ 02:08 PM gHale

Police and fire departments as well as emergency medical service providers and other security personnel should be aware that out-of-date Android devices pose a serious security risk to those organizations, said the Department of Homeland Security (DHS) and the FBI.

The bulletin – issued by the DHS and FBI in late July and made public by Public Intelligence over the weekend – cites unspecified industry statistics saying 44 percent of Android users are running the out-of-date Gingerbread version of the operating system. Gingerbread released in 2011.

Threat Report: Mobile Attacks Taking Off
Hackers Hit Cloud for Android Attacks
Mobile Alert: Android Woes Continue
Mobile Malware: Organized, Profitable

However, Google monitors the platform version of every Android devices that visits the Google Play store, and the figures they collected over the 14-day period ending August 1 indicate 37.9 percent of visitors are running Gingerbread or earlier versions of the mobile operating system.

Regardless of which is the accurate number, both are statistically significant given that Android is the most widely used mobile operating system in the world. In fact, the latest survey from the technology research group Gartner found Android’s mobile operating system commanded 79 percent of the mobile market-share in the second quarter of this year. Apple’s iOS had the second biggest share, accounting for just 14.2 percent of that market.

The reason for the warning is the Gingerbread variety of the Android operating system contains a slew of vulnerabilities fixed in later versions and is therefore vulnerable to numerous threats. The bulletin indicates federal law enforcement agencies worry that employees of local law enforcement and other emergency response departments are exposing critical networks to unnecessary risk by failing to update their personal devices. Corporations have been dealing with this problem for years, as bring-your-own-device policies are the ever-increasing norm at offices around the world.

Among the threats, according to the joint DHS-FBI roll call release, are premium-rate SMS Trojans, rootkits, and fake Google Play domains that attackers use to trick users into installing malicious applications. The bulletin urges users to update devices as early and as often as possible, to run an “Android security suite,” and to make sure they only download applications from the official Google Play store and avoid third party market places.

The bulletin contains a pie chart illustrating the lion’s share of mobile malware threats targeting Android. According to information prepared and provided by the office of Intelligence and Analysis’ Cyber Intelligence Analysis Division, the National Protection and Programs Directorate of the U.S. Computer Readiness Team and the FBI’s Directorate of Intelligence, 79 percent of mobile malware targets Android, 17 percent targets Symbian, 0.7 percent targets iOS, and 0.3 percent targets Windows Mobile and Blackberry respectively. The release does not supply specifics beyond that.

Leave a Reply

You must be logged in to post a comment.