Mobile security solutions provider Pradeo has released its 2017 mobile application threats review highlighting key mobile threats and security recommendations.
The study was based on a sample of 1.5 million of the most recent single applications processed by Pradeo’s engine.
The primary finding of the study was that 88 per cent of mobile threats come from applications. In comparison, only six per cent came from network and six per cent from device layers.
“Apps bring a new dimension to mobile usages with an inescapable access point to personal and corporate information,” says the report.
The study also found that 60.7 per cent of applications are vulnerable to leaking or corrupting data, which reflects the real risk coming from apps both for individuals and for companies.
An explosion of unknown malwares is being observed says the report, whereas known malwares are maintaining the same ratio. This outlines the mismatch of antivirus solutions to protect against such threats.
The study has also found that Android applications are generally of higher risk than iOS applications. For both Android and iOS applications however, data leakage and corruption represent the main source of threat, despite store policies and permissions.
“More permissive than iOS, Android is an easier playground for hackers with a higher propagation rate because of its widespread use,” said the report.
It is also worth noting that the most popular applications are not the safest ones and Games, Entertainment and Tools have the highest threat ratios of all app categories.
Recommendations for keeping threats to a minimum include keeping systems updated.
“An update is available? Install it right away; it probably holds corrections of your current version’s detected breaches,” it says.
It is also recommended that users do not download applications outside of official app stores.
“The App Store and the Google Play Store provide both a first level security evaluation, prior to publishing the App on their stores, in opposition to third party stores, on which a great part of their available applications are malwares.”
It is also important to verify applications’ permissions before granting access says Pradeo.
“Asking a permission should be related with the app’s main purpose. For instance, an app that is meant to edit pictures shouldn’t have access to your microphone.”
Users should try not to carry out sensitive operations through open networks, such as transferring money on a restaurant’s Wi-Fi account. Instead it is important to ensure you are connected to a secure network first.
Rooting or ‘jailbreaking’ a device can also give easier access to the device’s information and increase its vulnerability says the report. Finally, employing a security solution that will assure app legitimacy and protect from ‘zero-day’ attacks is key.
Pradeo is an innovative global mobile security company recognized by Gartner and Markets&Markets. It offers a solution to protect apps and mobile devices and has strategic technical alliances with the major EMM and security players as well as manufacturers.