Threat of malicious apps that puts data and money at risk

IT security

A new report highlighted the threat malicious apps pose to people’s data and money.

The National Cyber ​​Security Center has found that hundreds of thousands of people may have been left exposed by fraudulent apps containing malicious malware created by cybercriminals, as well as poorly developed apps that can be compromised by hackers exploiting software weaknesses.

He said that while millions of people use apps every day to shop, bank, and make video calls, there are few rules governing the security of the technology or online stores in which they are sold.

To provide better protection for consumers, the government is launching a request for views from the tech industry on improved security and privacy requirements for companies running app stores and developers building apps.

Under the new proposals, app stores for smartphones, game consoles, TVs and other smart devices may be required to commit to a new code of conduct that sets out basic security and privacy requirements. The government said this would be the first such measure in the world.

This will cover developers and store operators making apps available to UK users. This includes Apple, Google, Amazon, Huawei, Microsoft and Samsung.

The proposed code would require stores to have a vulnerability reporting process for each app so that flaws can be found and fixed more quickly. They would need to share more security and privacy information in an accessible way, including why an app needs access to users’ contacts and location.

Cyber ​​Security Minister Julia Lopez said: “The apps on our smartphones and tablets have immensely improved our lives, making it easier for us to bank and shop online and stay in touch with friends.

“But no app should put our money and data at risk. That is why the government is taking steps to ensure that app stores and developers raise their security standards and better protect UK consumers in the digital age. “

The NCSC report found that all types of app stores face similar cyber threats and the most important problem is malware – corrupted software that can steal data and money and mislead users.

For example, last year some Android phone users downloaded apps that contained the Triada and Escobar malware on various third-party app stores. This has led to cyber criminals remotely taking over people’s phones and stealing their data and money by signing them up for premium subscription services without the individual’s knowledge.

Terrifying “cat and mouse game” ransomware threat

The NCSC report concluded that the government’s proposed code of conduct will have a positive impact and reduce the chances of malicious apps reaching consumers on different devices.

NCSC Technical Director Ian Levy said, “Our devices and the apps that make them useful are increasingly essential to people and businesses, and app stores have a responsibility to protect users and maintain their trust.

“Our threat report shows there is much more for app stores to do, with cybercriminals currently using app store hotspots on all types of connected devices to cause harm.

“I support the proposed code of conduct, which demonstrates the UK’s continued intention to address systemic cybersecurity problems.”

The code follows a government review of app stores launched in December 2020 which revealed that some developers are not following best practices in app development, while well-known app stores do not share clear security requirements with developers.

Threat of malicious apps that puts data and money at risk

Source link Threat of malicious apps that puts data and money at risk

Back to top button