Cisco Security Report Highlights Android As Top Target In Mobile, Java On Web
We talked last week about the latest security issue to plague Google's ultra-popular Android OS, which at the time topped-off what seems like a never-ending list of issues researchers raise about the OS. With a just-released Cisco report, it looks like not a thing is going to change, much to Google's chagrin, I'm sure.
Cisco's full report requires a purchase, but the company is kind enough to provide some top-level statistics - and some of them are downright impressive, if not a little scary. It should strike no one as a surprise to learn that mobile malware is on the rise, but would you have guessed that 99% of that targets Android? Yes - 99%.
What we're being told (for free) doesn't end at those statistics. During the development of this report, Cisco's researchers closely examined 16 companies that together control $4 trillion in assets, with revenues surpassing $300 billion. The biggest risks to these companies, Cisco says, are man-in-the-middle browser attacks, botnets or general misuse of company servers, and also breachers taking advantage of encryption to hide the fact that data's being stolen.
In a bit of good news, though, since the author of the Blackhole exploit was arrested last year, the number of exploit kits found on company servers plummeted 87%. Cisco has monitored some kits trying to replace Blackhole's presence, but as yet has been unable to see a clear winner.
If there's one thing to be learned from all this, it's that the enterprise needs to gear up for some incredible defensive needs. At the same time, consumers might want to be more careful than ever about what they install on Android, since its security "flaws" continue to be highlighted. I use quotes there because these holes are usually "flaws" that could exist in most OSes. Android is a rather open platform, so it pays to be smart about how you use your device.