It’s true. You’ve heard the news and read the headlines about all kinds of new and malicious malware lurking around iPhones these days, right? Did it scare you? You should be scared. Not so much about the malware, but about the Chicken Littles of the tech world who sell Sky Is Falling insurance.
Of Motivations And Distortions
The latest to cross my screen came from Marble Systems which went on an epic journey to point out all the problems iOS has with malware these days.
If you haven’t head of Marble Systems its probably because you use an iPhone. The company specializes in identifying and remediating risky iOS and Android apps.
So, why would they blow a whistle on iOS device malware? That segment of their business probably isn’t faring as well as the Android side of the house, because Android owns about 99-percent of all the world’s mobile device malware.
Still, it’s hounding iOS that gets the headlines. The Marble Labs report will give you the skinny on how the WireLurker and Masque Attack iOS malware are distributed and how they can, once distributed, compromise an enterprise system.
Here’s the problem with this malware security problem. It doesn’t exist. Even Apple says they’ve received no reports of either one infecting iOS devices in the wild– except for those that have been jailbroken and downloaded insecure apps not from the App Store.
Wait. Didn’t the U.S. government Computer Emergency Response Team issue a warning about iOS to U.S. businesses about phishing attacks? And that malicious apps might steal data and cause mischief? Yes. And no. The warning was a repeat of a security warning from a company that sells security services. I think the company name is Chicken Little, but I don’t remember for sure.
Here’s what Marble has to say about the whole iOS security fiasco.
November 2014 may eventually become known as the ‘good ole days’ before iOS malware. That month the U.S. Government Computer Emergency Response Team (CERT) issued a warning to American businesses that iOS malware can be spread by phishing attacks, and that malicious apps may steal login credentials, access data, and monitor users’ devices. The electronic crime underground has begun exploiting iOS mobile devices and will intensify attacks on employees, making dynamic protection against malicious apps critically important.
Are you worried? Me neither.
Know this right up front. No system is completely, 100-percent secure. Basic precautions are required. Don’t jailbreak your iPhone. Install apps only from the App Store (they’re curated by Apple). Be careful who uses your iPhone and where it is when you’re not carrying it. Don’t be stupid (phishing attackers love the stupid). There’s a reason that 99-percent of the world’s malware is Windows or Android based and does not show up in any appreciable number on Apple’s devices. And it’s not the ridiculous ‘security through obscurity‘ argument. Apple has about half a billion iOS customers, and Macs are selling at record numbers.
Apple has a big malware security problem, but only in the eyes of those who sell security services.