New mobile security threats emerge

New mobile security threats emerge

Mobile phone capabilities are growing by leaps and bounds -- and so are mobile security threats.

Ten years ago, mobile phone subscribers and operators only had to worry about two security threats: eavesdropping and fraud. Most mobile phones operated on reallocated UHF-TV channels using conventional FM radio technology. It was ridiculously easy (though illegal) to tap conversations and pluck phone identities off the air to make free international calls. Fraud was a huge problem for mobile phone operators.

Those problems largely dissipated as the industry converted to digital radio technology. The 3G technologies being deployed today by AT&T (formerly Cingular Wireless) and Verizon Wireless make hacking mobile phones over the air even more difficult and expensive.

Unfortunately, as mobile phones become more capable, a constellation of new security threats have emerged.

A growing percentage of mobile phones can download user applications and content over the air. That means they can also download viruses and spyware. Bluetooth is becoming a standard feature on mobile phones, and handsets with Wi-Fi capability are on the way. These short-range radio technologies are a potential backdoor for harmful code. Flash memory cards create another entrance to phones that used to have no windows or doors.

According to SMobile Systems, a company specialising in mobile security, there are more than 400 mobile malware threats, predicted to exceed 1,000 by the year-end. Most are viruses, but mobile spyware is on the rise.

New security-related concerns are popping up. Some operators can track the user's movements. However, this is mainly done with GPS-equipped handsets; the user is only automatically located when calling E911. There also is the specter of users accessing pornography in public. Camera phones are a recognised security threat at many business and government locations. Finally, with today's high-capacity flash memory cards, mobile phones could become vehicles for unauthorised distribution of copyrighted content.

What can be done about the mobile security threats?

There are several ways to thwart delivery of viruses, spyware and pornographic content to mobile phones. One method is to detect and block unwanted content in the mobile operator's core network before it gets to the user's handset. Companies such as Starent Networks produce packet data serving nodes that can use deep packet inspection to detect and remove security threats and unwanted content.

SMobile Systems offers a client-server solution for protecting mobile handsets. The firm believes the ideal security solution for mobile phones is a small footprint client application that is supported and frequently updated by a server application. The frequent updates ensure the client application is always aware of the latest threats. The client monitors for suspicious activity and, if necessary, can shut down associated processes. As handsets become more capable, they are increasingly used in applications such as mobile commerce, making them more attractive targets for hackers.

A distinction needs to be made between malicious mobile spyware and client applications designed to monitor mobile handset use for legitimate purposes. For example, the industry still has much to learn about making mobile applications and content easy to find and use. There is merit to recording and reporting the number of key clicks it takes users to perform specific tasks. And if subscribers would like to see more advertising-supported mobile applications and content, they need to let operators fully exploit the interactive nature of mobile phones. What's important is not that the information is gathered, but that the individual mobile user remains anonymous.

Mobile security threats are on the rise. But there are also ways to use mobile phones to enhance security, for example, sending a text message to the subscriber whenever their credit card is about to be used to make a major purchase. So while there are security risks associated with more capable mobile phones, the risks can be managed, and are partly counter-balanced by the opportunities these devices present for improving security elsewhere.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ira Brodsky

Network World
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?