When comparing mobile operating systems, Apple iOS is generally believed to be more secure than Google Android. There are several reasons for this gap:
- Apple exerts tighter control over its platform. It makes both the hardware and the software for iPhones, iPads, iPods, etc., while Google is more of a software maker.
- The Android device ecosystem is fragmented, with literally thousands of handsets out there, each with different capabilities in terms of CPU speed, resolution, etc.
- Carriers and original equipment manufacturers also have a visible stake in Android, as they control issuance of updates and often insert their own apps/skins on the OS.
- Multiple app stores, as well as outside unscreened apps from the web, are also unusable on Android; this is impossible on iOS, short of jailbreaking the device.
The bulk of all mobile malware is on Android: about 97 percent of it, in fact, according to Pulse Secure. Specific threats such as compromised versions of Pokémon Go are also more common on Android. Granted, most devices are not infected, but Android users have more risks to watch out for, such as avoiding third-party app stores.
Still, iOS is not immune to the multifaceted dangers of mobile malware. Even since its early days, it has faced a decent share of threats.
Malware on iOS – past, present and future
The first known iOS-specific malware was the Ikee worm, which came to light in 2010. It only affected jailbroken devices by taking advantage of a weak default SSH password.
"This initially mischievous worm was soon picked up and modified to incorporate rudimentary botnet functionality and used in an attack against customers of ING bank in the Netherlands to steal banking information," explained the Trend Micro document, "A Brief History of Mobile Malware."
More recently, iOS has faced pressure from malware such as AceDeceiver, which was utilized in mainland China to attack factory configured iPhones. It was notable for not requiring its target to be jailbroken. Several apps were removed from the iOS App Store in response to the discovery of the issue.
Aside from such threats, there are plenty of privacy issues on iOS. Returning to Pokémon Go for a second, it initially featured a flaw in its Google Account sign-in that provided complete access to all of a user's emails, pictures and documents. This oversight was fixed in an update.
Looking ahead, there are likely to be more issues with how iOS is updated and maintained. In late July 2016, Apple issued an urgent OS update that closed a flaw that allowed malicious executable code to be sent via iMessage in renderable TIFF files. It will critical for end users to promptly update their devices, follow company security policies and have their data protected by top-notch tools.
Do not become complacent with iOS security. Invest in a cyber security solution that guards your mobile apps and data.