Mobile has turned the tech industry upside down, destroying old businesses and creating new ones. But there is one corner of the tech industry that is strangely unaffected by the rise of the smartphone: hacking.
According to Verizon’s latest Data Breach Investigations Report (DBIR), an authoritative annual report (pdf) that looks at cybersecurity incidents, “mobile devices are not a preferred vector in data breaches.” In plain English, that means that criminals and other malicious actors tend to prefer more traditional means to break into networks than mobile devices.
The team behind the DBIR looked at data from “tens of millions” of devices on the Verizon Wireless network and found that a negligible 0.03% of mobile devices were infected with any serious malware—a much lower number than the already low 0.68% rate of infection of all types of unwanted software calculated by Alcatel-Lucent’s researchers (pdf).
The vast majority of mobile infections came from relatively harmless “adnoyance” infections—ad software that aggressively collects personal data but isn’t actually malicious. And the vast majority of it was found on Android devices. Indeed, “most of the suspicious activity logged from iOS devices was just failed Android exploits,” the researchers write.
None of this means we should ignore security on mobile devices. But in a refreshing change from every other aspect of the tech industry, mobile “should not be in any top-whatever list” when it comes to security, the researchers write. “We know the threat actors are already using a variety of other methods to break into our systems, and we should prioritize our resources to focus on the methods that they’re using now.”