400% surge in Android malware since summer 2010

The study - from Juniper Networks - comes in the wake of the infamous DroidDream malware infection of earlier this year, Infosecurity notes, but the increase is a significant one.

In fact, according to Juniper, its research shows that 70% of UK workers believe mobile devices now pose some level of threat to their organisation's security.

And, says the company, after having seen dramatic increases in both the frequency and sophistication of targeted attacks on enterprises worldwide, it is fair to say that this is very likely.

Coupled with the fact that 60% of UK workers now use their personal mobile for work, the report says there is real concern that mobile working makes users more vulnerable, both to web-based threats and to simple loss of their devices and data.

2010, adds the report, undoubtedly saw a massive increase in mobile OS vulnerabilities, malicious apps on major app stores, Zeus for BlackBerry and other noteworthy threat events.

Juniper's report - entitled `Malicious Mobile Threats Report 2010/2011' - notes that both enterprise and consumer mobile devices are now exposed to a record number of security threats.

Delving into the study reveals that 17% of all reported infections were due to SMS trojans that sent SMS messages to premium rate numbers, whilst 1 in 20 Juniper customer devices were lost or stolen, requiring locate, lock or wipe commands to be issued.

The single greatest distribution point for mobile malware, says the report, is application download, a situation that is compounded by the vast majority of smartphone users not having an antivirus solution on their mobile to scan for malware.

Commenting on the report's findings, Dan Hoffman, Juniper's chief mobile security evangelist, said that they reflect a perfect storm of users who are uneducated - or disinterested - on security, and who are downloading readily available applications from unknown and unvetted sources in the complete absence of mobile device security.

Furthermore, he said, the process of app stores re-actively removing applications that are tagged as malicious after they have been downloaded by thousands of users is an insufficient control.

"Both enterprises and consumers alike need to be aware of the growing risks associated with the convenience of having the Internet in the palm of your hand", he explained.

What’s hot on Infosecurity Magazine?