The Pegasus affair has revealed the degree of vulnerability of smartphones, sometimes surprising flaws that antivirus publishers try to anticipate.

""The number of attacks on mobile terminals is exploding compared to PCs,"" warns the cybersecurity researcher Yann Busnel.No more time when Windows served as an easy victim while smartphones remained untouchable.In question, the explosion of Android and iOS worldwide in the early 2010s.37 million French people favored their smartphone to connect to the Internet in 2020 according to Médiamétrie.Cyberataters therefore have no reason to confine themselves to PC platforms.

Adware, malware, spyware ... The threats weighing on touch screens have not really changed nature compared to those weighing on traditional computers.Has one nuance...""The iOS and Android applications live in an airtight space called sandbox, they do not interact with the operating system"", decrypts Ondrej David, malware analyst on mobile for the Avast Czech antivirus editor.These are security measures that do not exist on PC and which therefore constitute an additional technical difficulty for pirates.Pirates who had to adapt their methods and show an endless imagination to surprise their victims, as shown by the Pegasus affair this summer.

The VPN, the rampart of organizations

Smartphone antivirus have a very specific feature compared to Windows and MacOS versions.With absolute discretion, they must not disturb the user, nor plug the performance of the mobile, often less important than that of an office PC.In any case, when their installation is possible.If the antiviral scans are possible on Android, a very open system, no need to think about it on iOS.Apple voluntarily pushed the concept of sandbox to the end.""On iPhone, it is impossible for us to offer an analysis, even if we have web protection that can block the threat,"" regrets Gauthier Vathaire, marketing manager for the Romanian Cybersecurity Bitdefender company.Hence the speech held by antivirus publishers with the customers of the apple brand.Rather than checking if a virus is present on the phone, their virtual private network (VPN) filters threats to the network before they arrive on the smartphone.

Uncommonable site, suspicious or phishing application in sight, VPN is used in prevention against aggressions.But this intermediary can also protect the user from a data interception on a more local scale.Particularly abroad...If it is rather rare to connect to public WiFi networks in France given the advantageous offers in data from mobile operators, the temptation is greater by passing borders.""As soon as we travel abroad, we often connect to public networks, even in transport.VPN avoids data interceptions, ""said Gauthier Vathaire.In the IRISA research unit for which he works in Rennes, Yann Busnel recognizes the importance of VPN in the computer security protocol: ""Our information systems management recommends the use of a VPN to accessto all internal data, in addition to antivirus protection present on most smartphones.""The risks weighing on research work, commercial contracts or political information can be found as much on the smartphone of an employee as on his computer.Hence the increased vigilance of the actors.The smartphone is considered a mini-PC having to benefit from the same security.

The revelation, this summer, of the existence of a Pegasus virus, developed by the Israeli company NSO, paralyzed the European ruling elites at the same time as no one was untouchable.There remains a question: would an antivirus have been able to detect this furtive attack which exploited Zero-Day flaws, that is to say never discovered by other actors than NSO? Yes, replies Gauthier Vathaire.""As it is a remote Trojan horse, our web protection could have filtered DNS requests and block orders from servers,"" says the expert from Bitdefender.The main antivirus editors interviewed proudly respond in the affirmative, but to the conditional.Easy to say once the flaw was revealed in broad daylight.

Cloud antivirus

Even if the antiviral scan is possible on Android, it can be limited.Each antivirus has a database listing known viruses.This is the signature system, namely how the malicious file is formed.For José Araujo, Orange Cyberdefense technology director, this technique traditionally used on PC platforms is not sufficient.In order to fill the holes in the racket, artificial intelligence is added in addition: ""It is possible to analyze with algorithms to find out what the behavior of the software and if it is malicious.""

But this rustin based on still experimental is far from infallible.For companies, the cybersecurity branch of the historic operator promises to put the big means.In the cloud, the computing power is much more ambitious than the small CPU of a smartphone.A detection method called cyberfiltre signed orange associates not one or two antivirus, but different eight. ""Nous avons des plateformes en ligne à qui l'on soumet des logiciels pour faire tourner plein d'antivirus en même temps, ça augmente les possibilités de détection"", détaille José Araujo.A solution without installation and for professionals who go through the orange network.The manager claims that this option will be open to the general public in the future.

IPhone syndrome

Among the great legends about the world of antivirus, that of the infallibility of iOS is by far the most discussed.News does not play in favor of Apple, the Pegasus virus mainly targeted a safety flaw in the iPhone application of the iPhone.What damage the protective image that the apple brand wants to give its ecosystem.However, iOS presents many advantages in terms of security.Simply because it is a partitioned ecosystem. ""Apple laisse moins de liberté aux utilisateurs alors que sur Android, il y a plus de choix sur la provenance des applications, donc plus de risques"", justifie Gauthier Vathaire.In this case, there is talk of the possibility on Android to use alternative application stores to the play store, unthinkable on iOS where everything must go through the App Store. ""Ce n'est pas à la portée de tout le monde, mais de plus en plus d'applications sont proposées sur Android en apk (format des fichiers d'applications exécutables sur l'OS, ndlr), comme Fortnite pour ne pas payer les commissions du store"", poursuit Gauthier Vathaire.

Another asset of iOS, Apple's control over software and hardware.Both are inseparable unlike the Android universe, usable by any manufacturer.A luxury that allows the brand to ensure the updates of iPhone longer than its competitors. ""Apple est exemplaire en la matière (les appareils sont suivis pour au moins cinq ans, ndlr), alors que sur Android, le mises à jour ne dépendent pas de Google, d'où l'intérêt d'avoir un antivirus.46% of Android smartphones worldwide have more than two years. Ça fait un gros parc à la merci des failles zero-day"", note Gauthier Vathaire.But once a flaw is found on iOS, it makes the terminal just as vulnerable as another, hence the feeling of security sold a little excessively by Apple. ""Il y a des millions de lignes de code sur un téléphone, donc il sera toujours vulnérable parce qu'il y a des failles humaines"", confirme le chercheur Yann Busnel.

Best illustration of the safe reality of a smartphone: the movements of the black market.Mobile safety flaws exchange at it at gold prices.And for José Araujo d'Orange, iOS is not more inviolable than Android, this testifies the prices charged. ""Aujourd'hui,les vulnérabilités sur Android se monnayent 2,5 millions d'euros contre 2 millions sur iPhone, preuve qu'on a de plus en plus de mal à avoir des failles sur Android.""Even with the best antiviral tools in the world, zero risk does not exist and the rule of prudence learned in the PC world must be the same on smartphones. ""Un antivirus sur mobile apporte une sécurité, mais on ne peut pas entièrement se reposer dessus, ni se permettre des comportements à risque"", rappelle José Araujo.