Could Android be the next target for worm attacks?


Although threats to the iPhone have come to the fore, it may be the Android operating system which is more at risk due to its open' nature.

So claims chief technology officer of security firm Qualys, Wolfgang Kandek.

In an interview with IT PRO, he said criminals haven't yet focused on Android due its comparatively small market share. But Kandek predicted more security issues would crop up as it was much more open than the iPhone.

The iPhone has suffered security issues with worms, but this has mainly been against jail-broken phones.

"As Android gets more market share, it's going to be interesting. As these phones become more powerful, they will become a very interesting attack target," Kandek said.

"So far the iPhone has held up very well, even though there are millions of them. We'll see how Android holds up with its openness and less restrictive interface," he added. "It certainly has the potential to run more powerful worms."

Kandek explained why Android was more open than the iPhone. "Both of these systems are based on Unix, but in the iPhone you do not have root access, so you are not the system administrator when you run it," he said.

"You are a simple user of the operating system, and each program is separated from each other. They cannot talk to each other. So you're running in a jail basically... That is rather powerful, and Android does not have the same level of protection," said Kandek.

As Android is already jail-broken', he said it could leave it open to attack.

To protect the Android-based devices, network operators could do certain things to protect the devices from certain attacks, according to Kandek.

For example, for the first iPhone worm, jail-broken devices were vulnerable in Australia as a carrier decided to put them directly on the internet, whereas in the UK and US it is on a private IP network.

Worm attacks on Android could leave personal information such as contacts, emails and banking details open to criminals.

If - like the most recent iPhone worm - an Android device became part of a botnet, it could also be used to send out spam mails.