Let’s imagine you traveled back in time, smartphone in pocket. Let’s say a medieval peasant sees you using this strange device. Naturally, they’d be curious. Would you be able to explain how it works? Most people wouldn’t, for a reason—smartphones are designed to be easy to use. And this can create a problem: tech-savvy criminals may view non-technical consumers as medieval peasants, ripe for swindling. Recently, that seems to be the case. Cyber-crooks have tried their hand at a new tactic, based on a technical component of Android phones called the Linux kernel.
To understand this method, some background information is in order. Software is built in layers. Think of how a house is constructed. The roof is supported by walls, supported by scaffolding, supported by a foundation. It’s the same for operating systems, like Android. Specifically, the Linux kernel is a foundational layer in Android devices. It defines how applications interact with the device’s hardware.
Consequently, if cybercriminals can exploit the Linux kernel, they can tap into your phone directly. This is a step up from traditional attacks, where rogues typically have to infiltrate a website to send your device malicious instructions. With the new method, that’s not necessary—your device’s behavior can be altered without the middleman.
What does this all mean? Imagine this: you happen to land on a website which, unbeknown to you, isn’t secured. Suddenly, your phone shows a login prompt. After you enter your username and password, that info is in the perpetrator’s hands. Criminals have controlled your device’s behavior from deep within its own software. And experts estimate that the Linux kernel issue could affect up to 80% of Android phones. That’s 1.4 billion devices!
Now, before anyone panics, there are some important caveats that should help you feel at ease about using an Android smartphone. Crooks can’t simply remotely access your phone. To pull this trick off, they must tap into a connection from your device like a website, message, or a link shared in their news feed. Specifically, they need to know the IP address and source. Even then, it would take 10 seconds to test the connection, then 45 seconds to inject malicious code. So this attack isn’t likely to be used in bulk against your average Joe.
At the same time, it’s important for people to be aware of security issues, big and small. The more educated users are, the better they can protect themselves. Since we know the Linux kernel hack needs access to connections to your phone, for example, we can defend against this loophole being exploited. If you use encrypted communications, cybercriminals can be denied entry from the get-go.
Here are some tips that explain how encryption can secure your Android:
- When visiting websites on mobile, look for the “s” in “https”. There are standards of web traffic that ensure that your connection is safe, but not all websites follow them. Luckily, you can spot the safe ones you visit on your phone. To do so, simply check if the website address begins with “https.” In the case of some browsers, that part is hidden, but there will typically be built-in features to let you know if a site is secure.
- Use reputable web and mobile apps. When large companies have many users and plenty of resources, they make a strong effort to secure their apps. For example, Gmail encrypts not only the content of the messages, but also the transit connection. Try to avoid mysterious, third-party apps.
- Make sure to update your Android. As security problems are discovered, companies update their software to put new defenses in place. While this Linux kernel issue affects new versions of Android, rather than old ones, that’s actually the exception. Generally, it’s always good to update your device—especially as encryption technologies improve.
And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.