Windows might still suffer from a host of security woes, and cybercriminals are constantly attacking Microsoft’s operating system, but looking ahead, it won’t stand atop all others.

Security firm Sophos has released its 2013 Security Threat Report, and has revealed that Android is now the top target for hackers, beating out Microsoft’s Windows operating system.

The security firm found that during a three-month period this year, 10 percent of Android-based devices experienced some form of malware attack. Just 6 percent of Windows PCs, meanwhile, were hit by an attack.

“Today, the most common business model for Android malware attacks is to install fake apps that secretly send expensive messages to premium rate SMS services,” Sophos wrote in its 2013 Security Threat Report. “Recent examples have included phony versions of Angry Birds Space, Instagram, and fake Android antivirus products.”

The threat should not – and cannot – be overlooked. During the second quarter of 2012, alone, over 100 million Android devices shipped worldwide, according to Sophos. Research firm IDC reported recently that during the third quarter, worldwide Android shipments hit 136 million, nearly doubling the 71 million units shipped last year.

Since the 1990s, Windows has been the top target among malicious hackers and cybercriminals. And why not? The operating system has a huge installed base and whether it’s through the software itself or third-party programs, there are a host of ways the bad guys can get into computers and run amok.

However, those same cybercriminals are realizing that the future is in mobile. As smartphone and tablet shipments soar – over 181 million handsets shipped in the third quarter, alone – the number of PCs hitting store shelves has hit the rocks. During the third quarter, 87.5 million PCs were shipped worldwide, representing an 8.3 percent drop compared to the 95 million that hit store shelves last year. It’s believed that PC shipments are down because of the growing popularity of mobile products, like tablets.

In the world of hacking and malware, everything turns into a numbers game: the more products out there, the greater the revenue opportunity. And Android just so happens to fit within that framework.

But that’s not the only benefit for hackers. Although Windows users have been conditioned over the years to question security, in the mobile space, their guard is down. Not enough major outbreaks have impacted us to make us think twice about clicking that link or opening up that app.

To make matters worse, the anti-malware tools available in the Android ecosystem just aren’t as strong as they could be. Security firms are behind the times a bit. And until they catch up, we’re all at risk.

So, what should we do to try and safeguard ourselves? According to Sophos, adhering to safe practices, like only surfing to known sites and not downloading anything that might be dangerous, are good steps. However, the firm also warns that we should consider the “reputation” of app developers, stick with mostly popular programs, and download from trustworthy stores, like Google’s Play marketplace.

Oh, and one more thing I think is important: hope against hope that things actually get better.