The fragmentation of Android has been covered quite comprehensively in the past what may not have been obvious in the analysis is how that fragmentation would effect the perceived and real security of this popular smart phone OS. The Department of Homeland Security and the Federal Bureau of Investigation released an update for Police, Fire, EMS and security personnel warning against some of the threats inherent to earlier version of the OS. Here is a snippet from that PDF:
Android is the world's most widely used mobile operating system (OS) and continues to be a primary target for malware attacks due to its market share and open source architecture. Industry reporting indicates 44 percent of Android users are still using versions 2.3.3 through 2.3.7-known as Gingerbread-which were released in 2011 and have a number of security vulnerabilities that were fixed in later versions. The growing use of mobile devices by federal, state, and local authorities makes it more important than ever to keep mobile OS patched and up-to-date.
The issue seems to be analogous to security related problems associated with the PC, where its obvious ubiquity inherently made it a target for lazy hackers everywhere. In addition a weak or non existent app vetting process has allowed hackers to abuse some low hanging fruit. The following chart indicates a concerted effort to attack Android, it is clear that all permutations of the OS needs to be accounted for appropriately if you are bringing devices into your secure networks.
Comments are closed.