SOFTWARE DEVELOPER Apple's iOS mobile operating system (OS) had the most security vulnerabilities in 2012, according to Symantec, but malware authors are still attacking Android because it is more open.
Symantec's report revealed that there are 387 documented vulnerabilities on Apple's iOS software, compared to a mere 13 on Android. However, despite Apple's higher iOS vulnerability score, Android remained the leading mobile operating system in the amount of malware written for it in 2012.
Symantec pointed out in its Mobile Threat Report 2013, which was released yesterday, that this is because the number of vulnerabilities in an operating system doesn't necessarily equal the number of threats.
"Mobile vulnerabilities have little or no correlation to mobile malware. In fact, while Apple's iOS had the most documented vulnerabilities in 2012, there was only one threat created for [it]," the report said.
"Compare this to the Android OS: although only thirteen vulnerabilities were reported, it led all mobile operating systems in the amount of malware written for the platform."
Symantec said vulnerabilities likely will become a factor in mobile malware, but today Android's market share, the openness of Android, and the multiple distribution methods available to applications embedded with malware make it the "go-to platform" for those that create malware and launch attacks with it.
Symantec's Mobile Threat Report documented the escalation of malware infections in the threat landscape, with mobile malware shooting up by 58 percent in 2012, accounting for 59 percent of all mobile malware found to date.
It said 32 percent of those attacks were hackers attempting to steal information like email addresses and phone numbers, showing that a growing number of malware authors are looking to commit some form of identity theft.
Other findings in Symantec's report noted the rise in attacks on small to medium sized businesses (SMB), with 50 percent of all targeted attacks in 2012 aimed at businesses with fewer than 2,500 employees.
"The largest growth area for targeted attacks in 2012 was businesses with fewer than 250 employees, 31 percent of all attacks targeted them," the report said. µ