Skip to content

Trending tags

Android Threats in 2017

Joel Hiltunen

23.10.17 4 min. read


Most businesses are quite cognizant of the threat landscape associated with their Windows computers, and have (hopefully) taken the appropriate measures to protect them. We all know that malware and ransomware can really only hit endpoints running standard Windows OS, right?

Wrong. Although Windows computers are still the most popular attack targets, we have seen a rapid increase in malware targeting Macs and mobiles, due to companies and the wider public’s growing utilization of these types of devices. Although Mac, iOS and Android endpoints are considered safer than their respective Windows counterparts, no operating system is impenetrable – don’t let anyone tell you otherwise.

Android dominates the OS industry for smartphones and tablets with over 2 billion active devices on a monthly basis – a significant number of them are also used for business purposes. What is the logical reaction from the attackers?



Properly securing your mobile devices is a vital part of effective risk management and data protection. Although most people are at least subconsciously aware that the thing they’re carrying around all day is a powerful computer, they somehow can’t imagine it being vulnerable to malware and cyber attacks. This is an extremely dangerous oversight, and can have grave consequences for both the individual and the organization.

Just think about. Mobile devices hold massive amounts of important and sensitive data. Messages, emails, contact lists, files, location data – smartphones can potentially house as much delicate corporate material as work laptops. You don’t want this information leaked, or even rendered inaccessible – you need to be able to operate and run your business freely.

According to preliminary analysis by our labs, ransomware for Android has also grown over 250% within the first three months of 2017 alone. The phenomenon of ransomware-as-a-service is also gaining popularity for mobile devices, which allows even unskilled amateurs to easily create monetizable malware. Overall, the trend is extremely worrying.

Will we see huge ransomware waves hit Android devices in the future? For many it seems unlikely, but we’re not far off. In the video below, F-Secure’s Security Consultant Sean Sullivan explains the difference between Apple’s and Google’s respective app stores, and details why Android systems are generally more vulnerable to malware:



Targeted Attacks

In addition to untargeted malware and ransomware campaigns, your mobiles are also of interest to more advanced attackers. Smartphones and tablets’ growing capabilities and increasing integration into our lives provide attackers with countless exploitation opportunities either in by themselves, or as access points to wider company IT infrastructure. All organizations, despite their industry and size, are potential targets – in many cases, hackers see small and medium-sized companies as some of the most attractive marks out there.

You might decide to be careful on your work laptop – you use strong passwords and are on the lookout for suspicious emails, apps and websites. Your workstation runs a solid endpoint protection solution, and the IT department schedules quarterly threat scans across the company’s virtual infrastructure.

Do these safeguards apply across your mobile device fleet? For many organizations, the answer is no. Phones and tablets are not running any type of security software and do not utilize VPN services – they might be older models that do not even get the latest security updates. Maybe the company policy is largely BYOD, and most employees’ mobile devices can be effectively labeled shadow IT. In practice, the organization can neither exercise control nor extend protection over their mobiles.

In some cases, being careful might not even be enough – vulnerabilities, like the recently disclosed KRACK, may allows attackers to breach your mobile device despite you being careful and utilizing secure wireless networks.

How can these issues be remedied?




The first four can be safely put in the realm of basic operations security – everyone with a mobile device can, and should, check these boxes without too much difficulty. The fifth is often the one causing groans and sighs. Additional security solutions, on top of our existing products? That can only mean more money down the drain, more usability problems and less productivity. Doesn’t sound too enticing.

Even if this were the case, it might be worth it – cyber security is always a balancing exercise between freedom and safety. Luckily, securing your mobile devices doesn’t have to be that painful.

To ensure both maximum security and usability, the simplest option is to choose a holistic endpoint solution which covers both the whole threat landscape and the entire range of your devices. This way you’re not straddled with an exceedingly complex security infrastructure, and all of your endpoints are easily controllable within the same ecosystem. On top of best-in-class malware protection and application control, your endpoint protection solution’s mobile-focused features should also include a VPN function and the capability to remotely wipe mobile devices in the case of loss or theft.

Although mobile devices are not as vulnerable as computers yet, we can see where the trend is going – it’s better to prepare for the worst, and do it sooner rather than later. Nobody wants to be the next news headline because of a few insecure smartphones.

Joel Hiltunen

23.10.17 4 min. read


Related posts


Newsletter modal

Thank you for your interest towards F-Secure newsletter. You will shortly get an email to confirm the subscription.

Gated Content modal

Congratulations – You can now access the content by clicking the button below.