Criminals switch from Microsoft to mobile platforms
Scammers and cyber-criminals have turned their focus from Microsoft and are now targeting other operating systems and mobile platforms, according to a report by Cisco.
In its Annual Security Report, Cisco said a significant “tipping point” in vulnerabilities had been reached in non-Microsoft platforms, which combined with improved PC security was forcing criminals to seek easier pickings.
“In response to the last decade of cyber-exploits targeting PC operating systems, PC platform and application vendors have shored up security in their products and taken a more aggressive approach to patching vulnerabilities,” the report said.
The relative youth of the Android OS, including its apps and ecosystem, combined with the sheer number of users, will make this a very attractive platform for exploitation
“As a result, scammers are finding it harder to exploit platforms that were once their bread and butter — in particular, the Windows platform.”
The report highlighted mobile devices and applications as the new criminal hotbed, with third-party mobile applications in particular emerging as a serious threat.
“Everyone knows the joke about the two hikers and the hungry bear in which the swifter hiker explains his footrace is not against the bear but the other hiker. The cyber-criminal bears have been feasting on the ‘slowest hiker’ Windows platform for the last decade,” said Patrick Peterson, Cisco fellow, said in an enigmatic statement.
“Mobile and emerging operating systems are hikers that the bears have largely ignored until now, but they are beginning to look much more appealing. These bears are also finding opportunities in the explosion in mobile-device usage, where we’re seeing a growing number of exploits aimed specifically at mobile users.”
Apple under attack
According to data from Cisco IntelliShield, while reported vulnerabilities and updates are on the rise from most major vendors, Apple was showing the greatest increase.
The report also said that researchers expected Android to increasingly become the focus for attacks, because of the OS’s immaturity and the potential number of devices involved.
“Three years ago, there was no Android. Now, there are only a few major handset manufacturers that aren’t developing devices based on Android,” said Cisco threat research manager Scott Olechowski.
“From smartphones and tablet PCs to cars and refrigerators, we will see billions of devices on Android, including a massive number in the enterprise within the next few years.
“The relative youth of the Android OS, including its apps and ecosystem, combined with the sheer number of users, will make this a very attractive platform for exploitation.”