Mobile devices are the most prominent electronic device that people use today to communicate with one another. Unlike desktop and laptop computers, which now have a long history of security compromises through numerous viruses and other malicious software, cell phones and other mobile devices have been relatively free of such problems. That is beginning to change.
Mobile devices are equipped with Internet access, Bluetooth and such other technologies that open the door to security threats. While the affordability of mobile devices has made them “must-have” items, their accessibility and popularity make them attractive to hackers and malware writers who are eyeing up victims of their next attack.
Dangers
The first real cell phone worm, called Cabir, was released in July 2004. It targeted the Symbian operating system and spread by sending an executable file via Bluetooth. Brothers Ben and Adam Laurie, information security consultants, discovered that an attacker can cause a malicious action, such as disrupting the device or initiating a voice data or fax call by silently gaining access to a particular target device. These attacks are more common to Bluetooth-enabled devices.
Text messages (SMS) can originate from another mobile device or any one of the many free SMS Internet gateways. As a result, if you know a cell phone number, you can flood the recipient with SMS.
When mobile device users receive or download files from unknown senders they put the security of their device at risk. To prevent problems, users can install antivirus specifically designed for their handset.
Security Challenges
People do not seem as cautious about using anti-virus on their mobile devices as on their other computers. In fact, studies by Juniper Research show that there will be 247 million mobile devices by 2011 that will have security products installed on them, but this number constitutes only 8 percent of the total mobile devices on the planet.
A security policy is difficult to implement for mobile devices because of the various networks in use and a wide spectrum of brands of the handsets and other equipment. Also, people communicate across many countries, and security policies vary from country to country. Despite difficulties coming to a unanimous agreement, organizations are better off creating a security policy, however, than leaving the organization and users at risk.
To avoid the risks, one can install various anti-virus software. The use of handsets provided by the network operators only has the centralized control of doing the virus check. Symantec Mobile Security provides protection against malicious attacks directed at devices by allowing the administrators of the management system to send installation and configuration to the users' devices.
Also, to discuss and overcome the security issues associated with the security of wireless devices, a full disclosure mailing list called MobileBugTraq has been established. They are trying to provide automated updating approaches to devices to counterattack the threats. Current approaches to patching involve major software releases or updating a device in a store.
Although it is impossible to be completely immune to attacks, researchers are steadily trying to decrease the susceptibility of mobile devices to malicious threats.
References
- DR Sees Mobile Insecurity
(Light Reading) - [In]Security PDF (Gary McGraw)
- Mobile Insecurity (Dark Reading)
- Mobile Phone Security Attacks (V3)
Share your comments, feedback or questions about this article and other topics. Go to our blog or our Facebook group .
Print view
Email to a friend
Submit to Reddit
Save to del.icio.us
Submit to Digg.com
Stumble It!