Sunday, June 29, 2008

Review : Growing Threat from Mobile Malware

A new more dangerous time for mobile device users, filled with mobile malware, is upon us. As with desktop computers, the Lilliputian world of PDAs and smartphones is no longer immune to malicious attack.

The number of mobile malware attacks is on the rise, according to a study by the Informa Telecoms & Media that was sponsored by McAfee. Eighty-three percent of mobile operators surveyed have been hit by device infections -- five times more than the number of incidents in 2005.

This snoopware is an extreme example of the vulnerability to which our phones can expose us. The more likely target by hackers will be financial or personal data on a smartphone.

Another example of malware is FlexiSpy which is discovered in March 2006. FlexiSpy is a worm and it normally infect through internet download typically installed by someone other than phone owner. Once the phone is infected with this spyware, it will send a log of phone calls and copies of text and MMS messages to a commercial Internet server for viewing by a third party.

I totally agree that there is potential for cyber crime to occur in the mobile networks as cell phones have evolved into smart phones that enable phone users to download programs from the Internet and share software with one another through short range Bluetooth connections, worldwide multimedia messaging service (MMS) communications and memory cards, the devices’ novel capabilities have created new vulnerabilities. Scoundrels were bound to find the weaknesses and exploit them for mischief or, worse, for criminal gain.

Antivirus software now available from many companies can immunize and disinfect smartphones. Yet few customers have installed such protection. That needs to change. Phones should also incorporate firewall software that warns the user when a program on the phone seizes the initiative to open an Internet connection. This is an especially important form of protection for smartphones that can connect to Wi-Fi (also called 802.11) networks and thus directly to the public Internet. Many cellular companies aggressively filter traffic on the GPRS or UMTS data networks that their mobile devices use; open Wi-Fi networks have no such protection. And while some carriers already filter their MMS streams to remove messages bearing malicious attachments, all should do so.

The number of mobile viruses will more than double over the next year or two, and is expected to target applications such as m-commerce and mobile banking. Most users have to lose a phone before they realize how much information they have put on it. The risk to corporations is also high because data is leaking out of corporations through mobile devices because they are linked to the corporate system.

No comments: