We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

The five big security threats of 2011

Vulnerabilities to watch out for

We introduce you to this year's batch of security vulnerabilities to watch out for.

Threat 1: Mobile apps

What it is: It isn't surprising that smartphones are a hot new malware target: 91 percent of Brits own a mobile phone according to research last year by Ofcom, and the smartphone market is growing at a rapid pace.

As recently as March 1, more than 50 third-party applications on Google's official Android Market contained a Trojan called DroidDream. When you run a DroidDream application for the first time, the malware gains administrator access over your phone without your permission, according to mobile security firm Lookout. That means it could download more malicious programs to your phone without your knowledge and steal data saved on your device.

Google was able to stop the DroidDream outbreak by deleting the bad apps from the Market and remotely removing malicious apps from Android users' devices, but it's only a matter of time before the next outbreak occurs.

And malicious apps on the Android Market aren't the only way that malware authors can target phones: A recent Android malware outbreak in China spread through repackaged apps distributed on forums or through alternative app markets.

The threat of malware, coupled with other security threats (such as data leakage from a lost phone) may soon impact your ability to use personal devices at work, according to Andrew Jaquith, chief technology officer of Perimeter E-Security. Companies may begin to set some serious ground rules for putting company data on personal mobile devices by enforcing "policies for passwords, device locking, remote wipe, and hardware encryption," Jaquith says.

Protect yourself: You can't trust that all apps on the Android Market are malware free. Avoid installing any applications you get from unknown sources. That .apk file may be titled 'Fruit Ninja' but in reality is a Trojan horse waiting to be unleashed. Don't forget that a number of mobile antivirus apps are available for Android, and it may be wise to have at least one installed on your phone.

Also, read an app's permissions screen carefully - it details what kinds of data an Android application can access (Google makes it mandatory for developers to have a complete list of permissions for every feature that an app has access to on your phone). You can find this list on every app's page in the Android Market (it appears right after you tap the button to download an app). See if you can uncheck undesirable permissions. If you're downloading a wallpaper application, for example, chances are it doesn't need to know your exact location.

iOS users aren't off the hook, either: Some bad actors have slipped by Apple's censors in the past despite the company's third-party app-vetting process. Over the summer, for example, a flashlight app that had hidden functionality got approved to the App Store. The actual risk may be low, but it isn't impossible for a seemingly legit app to have some hidden, malicious capabilities.

NEXT PAGE: Social network-based scams

  1. Vulnerabilities to watch out for
  2. Mobile apps
  3. Social network-based scams
  4. PDFs

IDG UK Sites

Windows 10 release date, price, features UK: Staggered release with PCs coming first this summer -...

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

How to get a job in design

IDG UK Sites

MacBook Pro 15in preview: better battery life, faster storage and a new discrete graphics chip may...