Contact
QR code for the current URL

Story Box-ID: 446536

ENISA - European Network and Information Security Agency P.O. Box 1309 71001 Heraklion, Crete, Greece http://www.enisa.europa.eu
Contact Mr Ulf Bergström +30 694 846 0143
Company logo of ENISA - European Network and Information Security Agency
ENISA - European Network and Information Security Agency

App-store security- the five lines of defence-new report by EU cybersecurity agency ENISA

ENISA today publishes a new report on app-store security where it advocates for a baseline set of 'five lines of defence 'against malware

(PresseBox) (Heraklion, Crete, )
The booming smartphone industry has a special way of delivering software to end-users: app-stores. Popular app-stores have hundreds of thousands of apps for anything from online banking to mosquito repellent, and the most popular stores (e.g. Apple App-store, Google Android market) claim billions of app downloads.

But app-stores have not escaped the attention of cyber attackers. Over the course of 2011 numerous malicious apps were found, targeting a variety of smartphone models. Dr Marnix Dekker, and Dr Giles Hogben, authors of the report say: "Using malicious apps, attackers can easily tap into the vast amount of private data processed on smartphones such as confidential business emails, location data, phone calls, SMS messages and so on. Consumers are hardly aware of this."

"Five lines of defence" to secure app-stores

Starting from a threat model for app-stores, the paper identifies what it calls "the five lines of defence" that must be in place to secure app stores from malware: app review, reputation, kill-switches, device security and jails. "This report provides a very practical and technical analysis of malware threats for app-stores in under 20 pages. The Agency has made an excellent choice of security techniques, and the recommendations are ready-to-use," says Raoul Chiesa, an Italian ethical hacker and cybersecurity expert.

Without overlooking the differences between the various smartphone models and app-stores, ENISA recommends an industry-wide approach to addressing insecure and malicious apps. "The number of malware attacks direct at smartphones still pales in comparison to PCs. This paper is a blueprint for how to maintain this head-start and address security across app-stores." says Professor Udo Helmbrecht, Executive Director of ENISA.

For full report: http://www.enisa.europa.eu/...

Background: Malware in app-stores is not the only risk for smartphone users; ENISA recently published a full overview of smartphone risks (http://www.enisa.europa.eu/...).
The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2024, All rights reserved

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.