Seattle Community

Was this article helpful?

Be the first one to rate it!
0 votes

Mobile Security Threats

Mobile devises represent the new edge of the network, an edge that regularly walks out the door and can be stolen or lost in places such as cabs and seats in airport gate areas.
Written Mar 03, 2011, read 2330 times since then.
Closed_info

 

Until now, a number of factors have made it difficult for malicious code writers to get a toehold against mobile devices. However, those factors are changing rapidly, and life is becoming easier for those who would wreak havoc.

THE CURRENT SITUATION

The trend toward making mission-critical data available to mobile users has started and will grow rapidly. Some of the factors contributing to that growth will also benefit hackers. For instance, mobile devices now have multiple ways of connecting to IP networks. And virtually all mobile devices now support Bluetooth, which is one of the primary ways that hackers get into mobile devices.

So far, though, these and other threats have been annoying but not serious, involving things such as propagation of the threat using addresses in the device's address book. Or they can result in users inadvertently signing up for bogus programs that are billed to their cellular accounts. It's annoying for users, and it's hard for carriers. These problems are only a prelude to what’s to come.

The bottom line is that the threats to mobile devices are as dangerous and as common as threats to desktop computers and servers. Five reasons why this is the case, particularly in North America,

1. New apps and mobile advertising: Multimedia Messaging (MMS) is on it’s way and provides a fuller suite of what you can deliver. You can deliver data, audio, video instead of just a flat file payload. It will be hard to differentiate between [legitimate] mobile ads and what could be phishing or spam attacks. One reason that e-mail spam is still ubiquitous is that people fall for it because it's hard to differentiate between legitimate and illegitimate messages. If you overlay that on the mobile device and have MMS messaging, well, it would be wrong to think that the criminal underground won't latch on to that.

2. Operating system are coalescing: Most malware and other threats to mobile users have been written for devices based on the Symbian operating system. That's because, for now, it is the dominant mobile platform worldwide, according to numerous market-share studies. Microsoft is making rapid progress with Windows Mobile on a worldwide basis and said that most experts expect it to become dominant in the next several years. That means hackers can start turning their attention to that one platform.

3. Hardware platforms are coalescing: Similarly, until recently, there were a wide variety of hardware used in mobile devices, Lamb noted. That's no longer the case. Now, virtually all mobile devices employ Intel Corp.'s X-Scale chip set architecture and use ARM instruction sets. As with multiple programs, that coalescing of hardware systems makes hackers' jobs much easier since they no longer have to write different code for each platform. Plus, it's easier to delve into the intricacies of one dominant system.

4. The rise of unified communications: The ability to communicate in many different ways using many different applications and devices over disparate networks. Increasingly, individuals and companies will use mobile devices over both cellular data networks and over IP networks for disparate applications such as voice over IP, instant messaging, collaboration tools and accessing key data. In other words, all devices will have multiple access points for hackers. That will make mobile devices as important to [malware writers] as desktops are now.

5. Better battery life: While many mobile device users still complain about the battery life of their devices, that's one area that has been significantly improving. And that's another reason life is becoming easier for those who want to hack devices. This combination of better battery life, fewer hardware and software systems, and more multimedia messaging and other applications, means life is rapidly becoming easier for mobile hackers. Are you ready to deal with this problem?

WHAT TO DO ABOUT IT

As with threats against laptops, desktops and servers, all is not lost. The first thing small businesses should do is to create and disseminate a secure-use policy for users of mobile devices that access sensitive data. The next step is for small business owners to talk to security experts and vendors to see what mobile security products and services are available. That includes talking with wireless carriers.

Looking at IP-based mobile networks, such as those using mobile WiMax, when they become available, as opposed to 3G cellular data networks, which are old-style packet-switched networks. They give IT people visibility into the data that that is going to these devices and allows them to be sure that data coming into the devices isn't a threat.

In short, the time has arrived in which small business owners must pay as much attention to mobile security as they do to other security threats.

Marketing Specialist 
Everett, Washington 
Julie Rice

Julie brings 15+ years experience in marketing and sales operations focused on executing aggressive business growth plans. She has a strong track-record in developing effective sales development programs and campaigns by leveraging strategic marketing.

Learn more about the author, Julie Rice.

Comment on this article

No one has posted a comment yet. Be the first!