Android App Hacking “Too Easy”… Security Reinforcement ‘Needed’
2016.07.18
Interview with Choi Myoung Kyu, CEO of Lockin Company
“Due to the OS environment structure, Android is bound to be vulnerable to security. Recently, as hacking attacks targeting mobile devices have increased, security needs to be strengthened to respond to them.”
Choi Myoung Kyu, CEO of Lockin Company, mentioned the vulnerability of mobile app security and emphasized the need to strengthen security for this.
Recently, threats to mobile security have been increasing significantly. As applications (apps) for different OSs and various functions from PCs are emerging as the core of mobile devices, the use of smartphones is expanding and the number of people using them is increasing, hacking attacks targeting them are also increasing.
▲ Choi Myung-gyu, CEO of Lockin Company
He said, “Current mobile apps are very dangerous,” and “especially in the case of Android, it is no different from a path that allows hackers to easily achieve their goals.”
Generally, PCs are configured to operate executable files in machine language, so when hackers change programs to plant malware, they must have the ability to view and modify the machine language, and this specific ability is relatively difficult, as only the top few percent of people have it. However, in the case of mobile devices in the Android environment, they are configured in a form similar to development source code rather than machine language, so anyone who can handle Java programs even a little can easily hack them.
He explained that this form of Android executable file is the result of Google’s pursuit of high compatibility between devices. He went on to emphasize that iOS is configured in the same machine language as PCs, and that the different configuration of this executable file has led to Android’s security vulnerabilities.
He explained the reason for the security vulnerability as, “The structure of Java development source code, which is not machine language, does not require a high level of capability from hackers,” and “This allows anyone who can handle the program even a little bit to predict and analyze how the app was developed, and also allows hacking and distributing malware along with modifying the app according to needs, such as inserting desired parts and deleting unwanted parts.”
Fortunately, it is a view that people’s awareness of mobile security is changing and there is a movement to strengthen security.
He said, “When I founded the company in 2013, people’s awareness of mobile security was almost non-existent,” and “At that time, it was urgent to create and distribute apps with ideas.”
He added, “Since then, awareness of security has improved with each passing year,” and “In particular, the need for security is very high in the finance and gaming sectors, and recently, even general companies are implementing app security to prevent internal data leaks.”
Currently, mobile app security is in prominent demand in the gaming sector. This is because mobile app vulnerabilities are the most prominent.
He explained, “In the case of the game industry, the purpose of hackers is clear,” and “the reward psychology for what can be gained in return for the investment, and the winning psychology of distributing hacked and modified apps and receiving praise from others are also high, so they are targeted as much as they can satisfy the desire for satisfaction and fulfillment, and the latest hacking techniques are coming in the most.”
As the number of people using mobile apps increases, attacks on mobile apps are likely to increase. In particular, in the case of Android, it is an environment that is bound to become a target for hackers because hacking is relatively easy due to the nature of the app structure, and you can get a lot of reward for the effort.
He said, “As hacking apps in the Android environment is easy, we must also have an environment that can respond to it,” and “He emphasized the need to strengthen Android app security again.
