14 DAY TRIAL // The number of attacks aimed at mobile users is growing at an alarming rate, and iOS, which is often considered to be the more secure platform, has recently been affected by critical flaws that exposed its customers.
Trident and Pegasus are two of the flaws that Apple has already patched, but which could have led to a significant number of victims with sophisticated attacks developed to provide attackers with access to vulnerable iOS devices.
Microsoft's corporate vice president for enterprise and client mobility, Brad Anderson, explained in a blog post today that these two vulnerabilities are living proof that no matter the platform, users are always under attack and it’s no longer accurate to say that one mobile operating system is more secure than the other.
“This has been a pretty startling wake-up call and a huge reminder that we are all under constant persistent attack, and that any and all platforms and apps have vulnerabilities,” he said (emphasis is his).
Growing number of attacks
Although Windows Phone isn’t mentioned, Anderson suggests that all mobile platforms, including here Windows Phone, Android, and iOS, are equally vulnerable, not only because of the flaws that exist in the systems but also due to the growing number of attacks that involve more and more sophisticated methods.
“Over the last two years, I’ve had senior executives tell me countless times that they have unwavering implicit trust in the iOS platform. In these discussions it’s been pretty common to hear a comment like, ‘I don’t trust Android because it is like the wild, wild west - but I have tremendous trust in iOS because it is a controlled and procured ecosystem,’” he said.
“I’m not attempting to throw stones at Android or iOS - but there is a dilemma with this perspective. To be perfectly clear, the dilemma is this: I know for a fact that all the providers of mobile operating systems go to superhuman lengths to harden their platforms and do everything they can deliver the most secure operating system possible - but this fact also exists in our modern era of digital threats that produce consistent successful attacks despite the incredible efforts of the organizations building these platforms.”
Anderson went on to explain that the best way to stay secure is for companies to always assume they are getting hacked because this is how security experts can remain focused on blocking an attack. Switching to multi-factor authentication is a must to prevent breaches, he says, while also keeping all devices fully-up-to-date and using the latest security solutions available.