Cyber-criminals’ Next Target Will be Mobile Handsets: Report

by VR Sreeraman on Oct 19 2008 10:28 AM

U.S. experts are urging cell phone users to exercise the same caution with their mobiles that they do to protect their computers from spam and virus attacks.

The Georgia Institute of Technology Information Security Center (GTISC) says in its annual Emerging Cyber Threats Report that mobile devices can become targets for hi-tech criminals.

The report suggests that with the rise in the number of smartphone users, more applications will allow financial and payment infrastructure that employs them, and cyber-criminals will try to obtain such sensitive data.

Simeon Coney of Adaptive Mobile, a firm that tracks malware and provides security software for mobile firms, hinted that the number of mobile spam and viruses was increasing.

"One of common types we see now runs amok on the Symbian platform. These viruses work their way through the contact book, sending themselves out to every subscriber who has been called or has called that handset," the BBC quoted him as saying.

He revealed that network operators receive 100,000 virus incidences a day, nearly a 50 per cent rise on last year.

The reason why most subscribers were not infected could be due to mobile viruses’ being comparatively unsophisticated at present, he said.

"The first generation of these were fairly easy for mobile operators to detect," he said.

"Just like the first PC viruses came across as screensavers, in the mobile instance they came across as executable files. No-one was ever sending executable files themselves so it was easy to detect and block that.

"But in the last four months, the majority of viruses we now see are of a new type that either masquerade as an MP3 file, a picture file, or a media file," he added.

Coney insists that people better employ the same behaviours familiar from computing.

"People should start to exercise that same caution with their mobile devices that they do today on their PC; think twice before running any attachment from someone you don’t know, check your bill on a regular basis, and ensure your Bluetooth connection is not set in discoverable mode,” he said.

The report suggests that co-operation between operators, manufacturers, and application developers can make it easier to develop a robust security infrastructure for mobiles.

Since the average life-cycle of mobile devices is just two years as compared to 10 years for a PC, according to the report, developing security infrastructure for mobiles will happen quickly.

"Because the mobile communications field is evolving so quickly, it presents a unique opportunity to design security properly - an opportunity we missed with the PC," says the GTISC’s Patrick Traynor in the report.