From the safety of Apple’s ‘walled garden’ looking out, it may be easy to believe that your expensive iOS device is secure from nasty bugs and malware attacks – especially when compared to the unpredictable wilderness that is the Android platform, right? Well, the evidence is mounting that mobile threats are increasingly hitting both sides of the divide – meaning that no platform can claim to be fully protected from hackers and cybercriminals.
Indeed, a March research report from Nokia found that smartphones have officially overtaken Windows-based computers and laptops in terms of malware activity. While the analysis acknowledged that Android continues to be the main mobile platform targeted by cybercriminals, it outlined that nasty variants of iOS-based malware – such as the notorious XCodeGhost – are undoubtedly on the rise.
At their core, iOS and Android are quite different in structure. Google’s platform remains dominant
in the overall smartphone market with a share of over 80% and the user experience is left open and adaptable – yet as a result more vulnerable by default. Additionally, device makers like Samsung andHTC are free to tweak and customise the operating system (OS) as they see fit.
For Apple, the operating system is more limited but, at least in theory, more secure.
“The consolidation of personal data on smartphones has made them a natural target for malware campaigns,” explained Craig Young, security researcher at Tripwire. “While trusted app stores do a lot to reduce exposure to malware, examples of apps slipping past vendor review processes are not hard to come by.”
These app stores – iOS App Store and Google Play – are both regulated and vetted for security concerns and, according to the security experts, Apple still has the clear advantage when it comes to offering a safe download environment for users.
“Apple maintains tight control over the entire ecosystem, from the hardware and OS to screening the apps and accessories,” James Maude, senior security engineer at security firm Avecto said. “Although there have been occasional issues, these are much easier to deal with as one company owns and manages the entire system.”
In comparison, Maude said the Android ecosystem has become “massively fragmented” in recent years. “[There are] hundreds of manufacturers and thousands of devices all with different flavors of the Android OS, each having potential different vulnerabilities on top of any core Android issues. Some Android devices have even been shipped with malware and fake app stores from the factory without users realizing as there is little to no control over who can use the operating system,” he explained.
“Although Android security has improved greatly in recent years, adopting SELinux and implementing access control policies to ensure a secure least privilege environment, the open nature of the ecosystem means that threats will always be more prevalent on Android devices.”
The rise of the malware
In many ways, the Android platform is still in a state of recovery following the discovery of the widespread ‘Stagefright’ flaw last year that impacted 95% of all devices on the operating system. This flaw hit at the heart of the operating system and Google has been rushing out updates ever since.
Yet for every Stagefright there is a YiSpecter – which was uncovered by researchers at Palo Alto Networks and found to be attacking both jailbroken and non-jailbroken Apple devices. When mixed with the aforementioned XCodeGhost – which resulted in malicious code in a slew of apps listed on the official iOS app store – some security experts are now arguing that both platforms need to step up their game.
“Yes, Apple is doing a better job than Google at vetting apps for malicious code before they are allowed into their official app store, and it appears that iPhone and iPad users are much more likely to be running an up-to-date version of their operating system than their often abandoned Android-loving cousins. And there’s no argument that there is a thriving culture of undesirable Androidadware and malware that simply doesn’t exist in large numbers for iOS,” wrote security expert Graham Cluley last year.
“But that’s not the whole picture when it comes to security. You also have to consider the safety of the apps themselves. Security and privacy cannot be an afterthought, it needs to be built in from the start – and apps can’t rest on their laurels, delegating responsibility for safety to those who police the app store.”
The vetting process
Meanwhile, the biggest difference between the two operating systems, according to Nathan Collier, a senior malware analyst at Malwarebytes, is how they let the end user customize their experience.
“By having a walled garden, [Apple] can vet, deny and remove any apps they feel do not meet their developer’s license agreement,” he said. “By requiring all apps come from their App Store – which is locked down at device level – it makes it much harder for developers to submit malicious apps. A customer can ‘jailbreak’ their device, giving them escalated privileges, but then Apple will say ‘you’re on your own any malicious apps encountered are your own fault’.
“Android also has a vetting processes in place for the Play Store; Google has tightened up security over the years, but malware still manages to get in occasionally.
“An attractive feature of Android is its openness. Besides being open so users can install an app outside of the Play Store, there are many forked versions of Android. Many of those forked versions don’t come with Google Play Services, so data isn’t collected and tools like Verify Apps aren’t available. Also, these forked versions often are not updated and could have malware preloaded.”
Yet in many cases it is clear that the security community continues to believe that Apple remains on top when it comes to security and privacy. However the experts indicate that this is slowly changing – and attacks hitting both platforms are only going to evolve in strength and capability as times goes on. In light of this, Dick O’Brien, senior information developer at Symantec issued a warning to those iOS fans that believe they are safe: “Apple devices have experienced a surge in popularity in recent years. This increase in usage has not gone unnoticed by attackers.”