Google's Android mobile operating system (OS) is the target of 99 percent of the world's mobile malware, according to Cisco.
Cisco revealed the trend in its 2014 Annual Security Report, which also showed that the Andr/Qdplugin-A malware was the most common Android variant, being used in 43.8 percent of all known attacks.
Cisco reported that the Android malwares are mainly spread as Trojanised applications designed to look like real, legitimate apps on third-party marketplaces. Director of cyber security at Cisco Terry Greer-King told V3 the high attack levels are generally believed to be due to Android's open nature.
"Android also has a large install base and is therefore an attractive target for hackers. It's an open platform with innumerable iterations, and hence is easier to exploit compared to a closed OS," he said.
Android's open nature lets developers alter the OS and create marketplaces and applications without Google's knowledge or consent.
Cisco's findings mark an increase in Android attack levels reported by most other vendors and agencies. The US Department of Homeland Security (DHS) listed 79 percent of all mobile threats as being designed to target Android in August 2013.
The paper also revealed Java to be the most commonly targeted coding language in the world. Cisco reported linking Java exploits to 91 percent of all Indicators of Compromise (IOCs) during its cyber forensics work.
Java has been a constant headache for firms and security vendors, with new threats appearing on a daily basis. In 2013 the vulnerability levels forced Oracle to release numerous security patches for the platform.
Greer-King said criminals' preference for Java is due to its cross-industry status. "The ubiquity and our heavy reliance on applications like Java, that help us use the internet and complete work faster, keeps it high on the list of favoured tools for criminals," he said.
"In the US, for example, 97 percent of enterprise desktops and 89 percent of desktop computers overall run Java. Simply put, this provides an attack surface too big to ignore."
The trends come during a boom in cybercrime: Cisco claims overall vulnerability and threat levels have reached their highest ever seen since it began tracking them in May 2000. The firm said 2013 was a particularly bad year, with cumulative annual threat alert levels increasing by 14 percent since 2012.
Cisco's chief security officer John Stewart said in order to deal with the influx of new threats, businesses will have to alter their traditional approach to cyber security.
"Although the Cisco Annual Security Report paints a grim picture of the current state of cyber security, there is hope for restoring trust in people, institutions and technologies – and that starts with empowering defenders with real-world knowledge about expanding attack surfaces," he said.
"To truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods – before, during and after an attack."
Stewart is one of many security experts to call for firms to adopt more intelligence-based security strategies. The UK government has launched several initiatives designed to help businesses adapt their strategies, including the launch of the Cyber Security Information Sharing Partnership (CISP) in 2013.