Mobile phones have become as vulnerable as laptops and PCs because they have just as much access to the Internet as these high-end devices. Mobile viruses, malware and spyware have become prevalent because attackers can get just as much information from mobile phones as they can from PCs.
The Android OS is noted to be less secure than iOS, and this may be the reason for the many security risks faced by users of this operating system. Some of these risks are explained below.
3 Cyber risks peculiar to Android OS
Man-in-the-disk attack: Researchers at Check Point Software Technologies discovered this attack, which can install unwanted applications or launch a denial-of-service attack. It capitalizes on the way Android applications use external storage to store app data. When that use of external storage is compromised, attackers can insert malicious code into the parts of the phone accessible to the application.
Although the Android operating system allows system resources to be stored on both internal and external storage, Google urges developers to store application data and resources on internal storage. This is because every application is assigned its own portion of internal storage, and that portion is guarded by a built-in sandbox that the Android operating system provides for storing important data.
The attack works in three steps:
- intercept the data being transmitted between the external storage and the application;
- replace it with malicious code; and
- install a malicious application once the user receives an “application update” notification that has been orchestrated through the malicious code.
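One defence against the replacement step above is to treat anything read from shared storage as untrusted input and verify it before use. The sketch below is an added example, not code from the article or from Check Point. It is plain Java in which a temporary directory stands in for external storage, the class and method names are hypothetical, and the trusted digest is assumed to reach the app through a trusted channel and be kept in internal storage.

```java
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.MessageDigest;

// Added example: names are hypothetical; a temp dir stands in for external storage.
public class ExternalFileCheck {

    static byte[] sha256(byte[] data) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(data);
    }

    // Read the file ONCE, verify those exact bytes, and hand them to the caller.
    // Re-opening the path after the check would reopen the replacement window.
    static byte[] loadVerified(Path file, byte[] trustedDigest) throws Exception {
        byte[] data = Files.readAllBytes(file);
        if (!MessageDigest.isEqual(sha256(data), trustedDigest)) {
            throw new SecurityException("digest mismatch, refusing " + file.getFileName());
        }
        return data;
    }

    public static void main(String[] args) throws Exception {
        Path shared = Files.createTempDirectory("external-storage");
        Path update = shared.resolve("update.bin");

        // Constructed sample payload; the digest is assumed to come from a trusted
        // channel (e.g. signed metadata) and to be kept in the app's internal storage.
        byte[] original = "legitimate update v2".getBytes(StandardCharsets.UTF_8);
        byte[] trustedDigest = sha256(original);
        Files.write(update, original);

        System.out.println("accepted " + loadVerified(update, trustedDigest).length + " bytes");

        // Another app with access to the shared directory swaps the file.
        Files.write(update, "tampered content".getBytes(StandardCharsets.UTF_8));
        try {
            loadVerified(update, trustedDigest);
            System.out.println("ERROR: tampered file accepted");
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The caller must use the byte array returned by `loadVerified` rather than reading the path again, since a second read could see a file swapped in after the check.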
Android’s VoIP vulnerabilities: Early this year, a team of Chinese researchers revealed several vulnerabilities in Android’s voice-over-internet-protocol components, affecting Android versions 7.0 through 9.0. Among these vulnerabilities were the following:
- Unauthorized Call Transfer: A system service in the Android operating system, the QtilMS, was discovered to be exposing two APIs to third-party applications. This means that any application that has permission to access this service can use these APIs to initiate a call transfer without the owner’s knowledge.
- VoIP Call Bomb: This attack can be launched remotely. Similar to SMS bombs, it can be categorized as a Distributed Denial of Service (DDoS) attack. The attacker places a call that fills the screen with several characters, locking the user out of their device while some other kind of attack is performed.
- Bluetooth Vulnerabilities: This risk only comes into play when a user makes use of the Bluetooth feature on their device. The first of these issues is remote code execution, where an attacker makes a call with over 513 bytes, triggering a stack buffer overflow. This then enables the attacker to run other attacks on the side. Similarly, the remote denial of service causes the phone to crash immediately when a call is placed to the user’s device.
Rooting Vulnerability: This vulnerability, although yet to be thoroughly described by the National Vulnerability Database, is said to be rather dangerous, affecting millions of Android devices. Google released an Android security update in March 2020 that fixes this elevation-of-privilege risk, which is constantly being exploited by cybercriminals.
This vulnerability is, however, peculiar to users still running Android 7, 8, and 9, leaving Android 10 users safe from it.
How to Minimize Android Cyber risks
Staying safe from these risks is important. Outlined below are 5 ways by which Android users can minimize their exposure to them.
- VPNs are notable for their encryption features, so installing a VPN on your device can help secure the data being sent through it, protecting that data from theft and manipulation.
- Update your phone’s operating system as soon as a security update is available. This helps you stay safe from both new and old cyber risks.
- Verify the application source and be wary of the permissions granted to applications. Permissions deemed unnecessary by the user should be revoked.
- Perform an Android security audit on your device from time to time, maybe once a year, in order to assess the security state of your device.
- Enable two-factor authentication for all accounts – especially Google Accounts signed in on your device.