Why the mobile malware threat is overstated

At least a dozen news outlets and tech blogs are reporting that the number of Android devices infected with malware tripled from 2011 to 2012, according to new data from mobile security firm NQ, totaling nearly 33 million gadgets last year. And 95 percent of those infections were targeted specifically at devices running Google’s mobile operating system.

NQ’s press release fits a well-worn narrative in mobile: Apple has minimized malware threats, the thinking goes, because it polices its App Store so vigilantly, while Google’s laissez-faire philosophy with Google Play coupled with the open source nature of Android makes it a prime target.

But as mobility manager Brian Katz wrote last week, malware studies are typically conducted and spouted by security developers looking to boost sales of their “solutions.” But those solutions are often of dubious value, Katz wrote, and most malware isn’t downloaded from either of the two major mobile app stores — iOS gadgets are more likely to be infected when users sideload apps onto a jailbroken device, and Android malware is often downloaded from any of the lesser-known stores around the world that carry Android apps. So for enterprises concerned about their mobile devices, the best protection against infections isn’t the latest version of security software, it’s educating their users.