The Inquirer-Home

US DHS and FBI warn of Android security threats

Just noticed, apparently
Wed Aug 28 2013, 18:00
Android plush toy

THE UNITED STATES Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) must have caught up on their IT industry news reading this summer, because they have just warned about security threats to devices that use the Android mobile operating system.

A joint DHS-FBI bulletin read, "Android is the world’s most widely used mobile operating system (OS) and continues to be a primary target for malware attacks due to its market share and open source architecture. Industry reporting indicates 44 percent of Android users are still using versions 2.3.3 through 2.3.7 - known as Gingerbread - which were released in 2011 and have a number of security vulnerabilities that were fixed in later versions. The growing use of mobile devices by federal, state, and local authorities makes it more important than ever to keep mobile OS patched and up-to-date."

The bulletin proceeded to identify SMS Trojans, rootkits and fake Google Play domains as security threats and offered various mitigation strategies.

For example, to fight against SMS Trojans it advised, "Install an Android security suite designed to combat these threats. These security suites can be purchased or downloaded free from the Internet."

To protect against fake domains, "Install only approved applications and follow IT department procedures to update devices’ OS. Users should install and regularly update antivirus software for Android devices to detect and remove any malicious applications."

The IT industry and tech-savvy users have known about these types of security concerns - stemming from Android fragmentation, most mobile phone manufacturers' sloth and indifference, and user inertia and ignorance - for a while now. But apparently the DHS and FBI just noticed this summer. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Heartbleed bug discovered in OpenSSL

Have you reacted to Heartbleed?