As we move into 2016, the ever-changing face of the cyber world continues to grow. Mobiles are fast overtaking computers as the most commonly used digital device, and unfortunately, this means the threat to them is also on the rise. The coming year is set to see old cyber attacks develop and return in full force, alongside some brand new ones.

Furthermore, mobile services that have been presumed secure until now are being put to the test as malicious hackers specifically target them. Ways to make money from these infiltrations are becoming more creative and persistent, and security awareness is standing as a more essential pursuit than ever before. There are countless threats to your Android security, and new ones are sure to be appearing all the time, but these five are some of the most prominent of 2016 and are definitely worth observing and combatting before it’s too late.

Five Immediate Threats to Android Security for 2016 and How to Eliminate Them

StageFright

Last summer, several surprising revelations were made regarding a vulnerability within one of the Android libraries that creators have called “stage fright”. The exploit of this vulnerability involves a multimedia messaging service being sent to users containing a video. Without even having to open the video, the device is taken over via the libStageFright mechanism that helps Android process videos. Throughout the summer, a back and forth happened between Google and the most tech savvy of its users as they attempted to patch the problem, with numerous failures. Although, according to the company, the newest release of the operating system has finally overcome these problems.

The initial vulnerability dates back to Android 2.2, and therefore, millions of unsuspecting users are still at significant risk. As this issue is becoming more public, the likelihood of the attempt to exploit it by malicious hackers will continue to grow. Although this can easily be resolved by a simple system update, many users who are either unaware or unperturbed will continue to put themselves at risk throughout 2016 by failing to take the necessary steps to protect themselves.

Mobile Payments

Many online sources have highlighted the potential threats to mobile payment systems, such as Apple Pay, over the coming year. There have been rumors from black hat hackers suggesting that 2016 will bring a full assessment of these payment systems to identify vulnerabilities and potential exploits. Credit card data has already been identified as some of the most sensitive information that passes through mobile applications, so it’s no surprise that cyber criminals are starting to target this area specifically. Once security measures have been bypassed, unsuspecting users could easily fall victim to fraud, extortion and straightforward theft.

There has also been a warning that peer-to-peer money sharing apps will be targeted with a view to empty the victim’s funds by transferring money into fake accounts before withdrawing it from the app altogether. Although no successful attacks of this nature have been documented yet, the information is out there, and the best way users can protect themselves is by keeping up-to-date with blogs and websites that track new attacks and ways to avoid them.

DDoS: The Next Generation

By now, we’re all familiar with Denial of Service attacks. Hackers overwhelm a server with traffic in order to shut down a website and prevent users from accessing it. These attacks have become so common that most businesses are more than prepared to deal with them so that when they do happen, they’re overcome quickly and efficiently.

However, the rise in the use of mobile internet means that the scope of this threat is evolving significantly. It’s becoming increasingly common that mobile devices are being hijacked and turned into DDoS bots, allowing hackers to significantly increase the frequency and intensity of these attacks.

The best way to avoid falling victim to this is by utilizing apps and functions that monitor the traffic on your device. There are several ways to do this, but whichever you decide is best for you, keeping a real-time eye on what is going on within your Android phone is a great way to identify and resolve suspicious activity.

WiFi Vulnerabilities

It’s an age-old story: mobile users fail to take the necessary precautions when connecting to public WiFi and leave themselves susceptible to a plethora of potential threats. This chain of events seems to be the leading cause for the significant rise of man-in-the-middle attacks that are predicted to be seen throughout 2016. As users connect to these insecure public networks, hackers are able to see and intercept the data traffic and thus eavesdrop and even alter communications made over the network. This can lead to numerous problems including spamming, data collecting and even identity theft.

Fortunately, this problem can be easily resolved by simply using a Virtual Private Network. A VPN works by re-routing all of your traffic through the VPN server before connecting to the internet, mimicking a private connection and encrypting your data. This means that any malicious prying eyes can’t gain access to your information and you can connect to public networks safely and securely.

App Vulnerabilities

Android is by far one of the most popular smartphone brands on the market as billions of people around the world host this Google operating system on their device. The open source nature of the software has allowed it to develop and grow with the freedom that has led to its ultimate and unarguable success. Unfortunately, this triumph is also proving to be one of Android’s greatest weaknesses.

As we move into 2016, many handsets are including preloaded, or subsequently downloaded, apps by individual creators that have not been analyzed by Google’s security team. The lack of a proper vetting process is putting Android users at significant risk. This is because the open nature of the system invites the possibility for malicious code injects and even remote device hijacking. Users are warned to be vigilant about the apps they install, to aim for trusted developers and to continuously update with any patches that may be released.

Although the ever-changing cyber landscape means there will never be a surefire way to protect your device indefinitely, keeping up to date and informed about the risks you may be exposed to means that you can stay one step ahead of the cyber criminals. This list documents five of the threats that we are expecting to see grow in prominence over the coming year. If you know of any more that you feel should be included or have experience with any of those already mentioned, then be sure to leave a comment below!

Did you know, the team at Appknox recently launched a new security plugin for Android Studio. This enables Android developers to detect and resolve security issues as easy as autocorrect. Oh, and it’s free!Devknox

 

About the Author

Cassie Phillips is a technology and cybersecurity blogger and enthusiast.