Prepare for more mobile security threats now

Prepare for more mobile security threats now

Threats to mobile device users in North America are set to boom, warns ISS

1. New apps and mobile advertising

Multimedia messaging is popular in Europe but hasn't yet caught on in the U.S. When it does -- and it will -- it will provide hackers with far more opportunities.

"MMS provides a fuller suite of what you can deliver," Lamb said. "You can deliver data, audio, video instead of just a flat file payload."

Similarly, while there is virtually no mobile advertising delivered to mobile devices, cellular carriers and advertisers are clamoring to move in that direction. That will open a huge door for hackers, according to Lamb.

"It will be hard to differentiate between [legitimate] mobile ads and what could be phishing or spam attacks," he said. "One reason that e-mail spam is still ubiquitous is that people fall for it because it's hard to differentiate between legitimate and illegitimate messages. If you overlay that on the mobile device and have MMS messaging, well, it would be wrong to think that the criminal underground won't latch on to that."

2. Operating system are coalescing

Most malware and other threats to mobile users have been written for devices based on the Symbian operating system. That's because, for now, it is the dominant mobile platform worldwide, according to numerous market-share studies. However, Symbian has yet to become popular in North America, where Palm once dominated and Windows Mobile and Research In Motion's BlackBerry are widely used.

In other words, the number of smart mobile devices worldwide is still small, and no one system dominates. That has helped slow mobile security threats, Lamb said.

"If you're a criminal organization and want to leverage mobile devices to do mobile spam, extortion or whatever, you'd have to decide what platform you wanted to focus on," he noted.

However, Lamb pointed out that Microsoft is making rapid progress with Windows Mobile on a worldwide basis and said that most experts expect it to become dominant in the next several years. That means hackers can start turning their attention to that one platform.

"Before, you had to be an expert on all those platforms to write things like viruses and Trojans, but that's not going to be the case anymore," Lamb said. "Things are consolidating. Hackers want the most bang for their buck, and consolidation requires much less expertise for those writing malicious code."

3. Hardware platforms are coalescing

Similarly, until recently, there were a wide variety of hardware used in mobile devices, Lamb noted. That's no longer the case. Now, virtually all mobile devices employ Intel Corp.'s X-Scale chip set architecture and use ARM instruction sets.

As with multiple programs, that coalescing of hardware systems makes hackers' jobs much easier since they no longer have to write different code for each platform. Plus, it's easier to delve into the intricacies of one dominant system, Lamb noted.

"What we're seeing is that a lot of the criminal underground is dissecting how ARM works so they can write code for it to give them control over these endpoint computers," Lamb said.

4. The rise of unified communications

One major theme at the recent Interop networking trade show was unified communications -- the ability to communicate in many different ways using many different applications and devices over disparate networks. Increasingly, individuals and companies will use mobile devices over both cellular data networks and over IP networks for disparate applications such as voice over IP, instant messaging, collaboration tools and accessing key data.

"We're seeing the convergence of communications platforms," Lamb said. "We'll have one seamless set of technologies, and you won't be able to demarcate mobile computing from desktop computing."

In other words, Lamb said, all devices will have multiple access points for hackers.

"That will make mobile devices as important to [malware writers] as desktops are now," Lamb predicted.

5. Better battery life

While many mobile device users still complain about the battery life of their devices, that's one area that has been significantly improving. And that's another reason life is becoming easier for those who want to hack devices.

"Battery life has always been bad for the criminal underground because they couldn't predictably control a device for a long time," Lamb said. "But there have been a lot of advances. Now, it's not unheard of for, say, a BlackBerry to go a week between charges."

This combination of better battery life, fewer hardware and software systems, and more multimedia messaging and other applications, means life is rapidly becoming easier for mobile hackers, Lamb said. Are you ready to deal with this problem?

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments