More than a billion Android phones at risk of being hacked, experts say

'It's very concerning that expensive Android devices have such a short shelf life'

Andrew Griffin
Friday 06 March 2020 17:56 GMT
Comments
In this photo illustration, an image of the Google logo is reflected on the eye of a young man on August 09, 2017 in London, England
In this photo illustration, an image of the Google logo is reflected on the eye of a young man on August 09, 2017 in London, England (Leon Neal/Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

More than a billion Android devices could be hacked, experts have warned.

The devices – many of which are in active use and have been bought relatively recently – are no longer support by security updates and so do not receive patches for bugs and other issues, new research has warned.

It means that people using the phones could be hit by bugs that are distributed widely and can be exploited by hackers relatively easily.

A report by consumer group Which? found that about 40% of Android users were running older versions of the software, which no longer receives security updates from Google.

Android is the world's most popular mobile operating system and as a result, Which? says there are potentially millions of smartphone users at risk of data theft and other cyber attacks.

According to 2019 figures from Google, there are more than 2.5 billion active Android devices in the world.

Older versions of mobile operating systems, generally those more than two years old, often have security updates from developers stopped - with firms such as Google encouraging users to instead update to a newer version of the operating system in order to best secure their device from modern cyber threats.

Google and Apple, the makers of the world's two most popular mobile operating systems, Android and iOS, release new versions of their software annually, followed by smaller, periodical updates for several years after to fix any further issues found within them.

According to the Which? report, older phones tested from manufacturers including Motorola, Samsung, Sony and LG were found to have vulnerabilities.

Which? said anyone using an Android phone released in 2012 or earlier, including popular devices at the time such as the Samsung Galaxy S3 and Sony Xperia S, should be "especially concerned".

It also encouraged anyone running a version of Android older than 7.0 Nougat, which was first released in 2016, to try to update their software as this version is now no longer supported by Google.

However, if a device cannot be updated it is likely to need to be replaced.

Which? computing editor Kate Bevan argued that consumers should be able to rely on longer periods of support for their mobile devices.

"It's very concerning that expensive Android devices have such a short shelf life before they lose security support, leaving millions of users at risk of serious consequences if they fall victim to hackers," she said.

"Google and phone manufacturers need to be upfront about security updates, with clear information about how long they will last and what customers should do when they run out.

"The Government must also push ahead with planned legislation to ensure manufacturers are far more transparent about security updates for smart devices and their impact on consumers."

The Government has previously announced plans for new laws which will force manufacturers to improve the security standards of internet-connected gadgets, including giving a minimum length of time for which the device will receive security updates.

In response to the report, a Google spokesman said: "We're dedicated to improving security for Android devices every day.

"We provide security updates with bug fixes and other protections every month, and continually work with hardware and carrier partners to ensure that Android users have a fast, safe experience with their devices."

The Which? research said that generally speaking, the older the device, the greater the risk of it being vulnerable to hackers.

However, previous studies have indicated that smartphone owners in Europe and the US are holding on to their devices for longer, with smaller steps in innovation each year and the rising price of smartphones cited as key reasons for not upgrading more regularly.

Additional reporting by Press Association

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in