A network security firm SonicWall revealed the top cyber threats to Android devices in 2016 as a part of its yearly Threat Report. Even though the overall level of Android security increased over the course of last year, a significant number of devices running Google's open source OS were still vulnerable to various cyber attacks. Screen overlays, automatically installing apps, DressCode, Metasploit, and HummingBad were the most popular malware attack techniques aimed at Android devices in 2016, SonicWall found. While penetration testing tools like Metasploit were designed for research purposes, hackers recently started focusing on methods in which they can use them to complement their Android malware. In general, Android malware became significantly more proficient in 2016, and its recent progress is most evident in the advancements in ransomware and malicious software designed to enable distributed denial-of-service (DDoS) attacks using Internet of Things (IoT) devices, the 2017 Threat Report reveals.
Overlay attacks were a particularly popular method of stealing data from Android users, but on the bright side, fewer such attempts were recorded over the course of last year. The same goes for malware in general, as SonicWall identified 60 million unique malware samples in 2016, four million less than the year before. The total number of malware attack attempts dropped in a similar fashion; after recording 8.19 billion attempts of malware attacks in 2015, the San Jose-based cyber security firm identified 7.87 billion last year. Point-of-sale malware experienced the largest year-on-year decline which amounted to 88 percent in 2016 in comparison to the previous period. SonicWall found that the number of infected adult-oriented Android apps available on the Google Play Store also dropped over the course of last year, but noted that the same cannot be said for third-party stores which allegedly still feature a significant number of compromised apps. One alarming trend identified by SonicWall is the apparent rise of ransomware as the company identified 638 million cases of ransomware attacks last year, 167 times more than in 2015. For one reason or another, British companies were approximately three times as likely to be hit with ransomware than their American counterparts.
SonicWall's latest Threat Report also revealed that the amount of Internet traffic encrypted with either SSL or TLS cryptographic protocols grew by 34 percent in 2016. The Californian firm attributed this trend to the rising user adoption of cloud storage solutions which increased by a similar percentage between 2015 and 2016, adding that 62 percent of Internet connections last year were encrypted with either SSL or its successor. All of the data presented by the firm was collected by the SonicWall Global Response Intelligence Defense (GRID) Threat Network. The network consists of a million sensors scattered around 200 countries and territories scanning Internet activity every second of the day, meaning that findings in this report are likely a relatively accurate representation of reality. More of SonicWall's latest findings can be seen in the gallery below.