Apple reported 700 million iOS devices around the end of October.
Google reported 1 billion around that time.
It really doesn't make sense that Android would have more attacks because of device ownership, especially in light of the usage statistics and the fact that many Android devices are pretty much dumbphones. The Cisco report seems to be online here:
It says 98% of Android malware is with SMSSend, which can:
- Steal your contacts and pictures
- Track your location
- Access your text messages
- Log your keystrokes and passwords
- Send SMS messages to premium numbers without your knowledge that can result in a very high phone bill
- Fake legitimate banking applications and steal your personal banking information when you log in
Most of that should be normal to Android users, it's just the last two items are things Google wouldn't really do themselves.
Anyway, it's really the infection rate that's important and Cisco doesn't seem to go into detail about that. Google doesn't seem to think it's a problem and the stats given here show quite a low infection rate:
"Google's Android chief of security Adrian Ludwig, who reported that only 0.001% of apps downloaded by Android users pose any harm to their devices or data.
The Google statistic includes not only apps downloaded from Google Play, but any app installed by a user on his Android device. Ludwig used the finding to argue that Google's approach to app installation -- in essence, anything goes -- is a better system than Apple's walled-garden model, which requires all apps to be vetted before they can be downloaded and installed by users on their devices.
"A walled garden systems approach [to] blocking predators and disease breaks down when rapid growth and evolution creates too much complexity," the biologically minded Ludwig told the conference, reported Quartz. "Android's innovation from inside and outside Google are continuous, making it impossible to create such a walled garden by locking down Android at the device level."
Ludwig continued by likening Android's security model to how the Centers for Disease Control and Prevention (CDC) tackles real-world infections. "The CDC knows that it's not realistic to try to eradicate all disease. Rather, it monitors disease with scientific rigor, providing preventative guidance and effective responses to harmful outbreaks," he said.
Do Google's mobile malware infection statistics and approach add up?
A study released Monday by researchers at the Georgia Institute of Technology and security firm Damballa, "The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers," found that mobile malware "appears in a minuscule number of devices" in the two networks they studied. Those networks belonged to "a major U.S. cellular provider as well as a major U.S. non-cellular Internet service provider." In particular, just 3,492 out of more than 380 million devices exhibited signs that they'd been infected with mobile malware. That's fewer than 0.0009%, which is even lower than Google's finding, although Google's research encompassed devices from outside the United States, where mobile infection rates have historically been higher."