There’s no way around it, folks. Your data and security are probably already compromised. Roughly 15 million Americans experience identity theft every year. 1 million malware threats are discovered DAILY. Mobile fraud and cybercrime has increased 173% since 2013. Ransomware, Zero Day bugs, and mobile security breaches are on the up and up. What’s a regular person to do in this brave new mobile world?
Unfortunately, not much.
Most of these types of viruses target vulnerabilities in systems we use everyday. Our iPhones and other mobile devices are an obvious target because they’ve become the center of most of our lives. Apple and Google stand to lose the most, should a significant portion of their users panic over security concerns. It’s no wonder why they spend so much for their time and resources proactively putting out fires before they have a chance to start.
Case in point: Apple is now willing to start paying bug bounty hunters.
This past summer Apple joined the chorus of tech elites in offering prizes for external hackers who find security flaws in their systems. Inviting outsiders to come poke at Apple’s internal security structure goes against their notoriously closed system. So, unsurprisingly, they’re doing it slowly. The program is only open to a couple of dozen researchers that Apple is already familiar with. The highest prize category offers up to $200,000 for finding bugs related to preventing unauthorized apps from launching on their own.
The move could be related to a bombshell of a story that broke out over the summer. A human rights activist from UAE inadvertently stumbled onto a dangerous piece of software that could hack into virtually any iPhone without detection. The software was being used by the UAE government to silence humanitarian activists, and it exploited 3 main security flaws in the iOS ecosystem. Here’s the worst part: the security flaws have been there for several years, and have likely been used by other agencies around the world.
The story, as reported by Vice, reads like a true modern-day espionage tale. The most impressive part of the story is the actual method for hacking the iPhone. Essentially, the unsuspecting user receives a shady link from a known or unknown contact. As soon as they click the link, that’s it. The cybercriminal on the other end has complete access to every piece of data on your iPhone. Digital watch dogs from Citizen Labs and security experts from the firm Lookout, called the one-click jailbreak malware, “One of the most sophisticated pieces of cyberespionage software we’ve ever seen.”
They immediately reached out to Apple with all the information, and Apple released a patch 10 days later fixing the 3 main vulnerabilities. I included a brief version of this story in this video “3 Things You Didn’t Know About Cybercrime” which you should watch right now if you like being scared for your life.
Seriously though, what can we do?
Like I said earlier, Apple and Google are the two biggest players that would be most affected by nervous consumers. So, unless you want to sell all your electronics and start growing your own food and living off the off-the-grid, you’re at the mercy of their decisions and security patches.
Part of the problem is that the Apple and Google ecosystems have entirely different structures. Most security experts, while cautious about saying that any one mobile platform is completely safe, agree that Apple is generally the more safe platform for consumers. This is because Apple keeps a tight grip on their entire ecosystem. This doesn’t mean that bugs like the one above don’t slip through, but in comparison with Google, Apple has less moving parts, and thus it’s easier to manage from a security standpoint.
Google only recently started doing a better job at making sure people download the latest updates across carriers. Cybercriminals and hackers can target out-of-date mobile software because they know what security issues have been fixed in later updates. Apple does a better job of distributing their updates, so this type of problem is less pertinent on the iOS ecosystem.
Besides making sure you’ve always downloaded the latest update, there’s not much you can do. There are thousands of hackers in China working on creating the latest virus. There are geniuses in Russia trying to break our systems daily. We might be living in a temporary moment in time where we figured out how to connect the whole world, but nothing majorly catastrophic has happened to our technology worldwide.
Let’s enjoy it while we can (and seriously though, go download the latest security patch).