Five reasons to prepare -- now -- for more mobile security threats
Changing conditions lead to more threats
Mobile security threats are a relatively minor annoyance to a handful of users in Europe and Asia. However, conditions are rapidly ripening for these threats to start overwhelming both companies and individual users in North America.
That's the word from Kris Lamb, director of the Xforce team at Internet Security Systems Inc. His organization, which was acquired by IBM last fall, researches new security threats, including mobile ones. He said that part of his job is to monitor activity in what he calls the technology criminal underground.
Experts have long discussed the potential threats to mobile devices. After all, these widely used devices can store and access critical data. They also represent the new edge of the network, an edge that regularly walks out the door and can be stolen or lost in places such as cabs and seats in airport gate areas.
Lamb said that, until now, a number of factors have made it difficult for malicious code writers to get a toehold against mobile devices. However, those factors are changing rapidly, and life is becoming easier for those who would wreak havoc, Lamb said.
"A lot of the barriers to hackers have been shaking out in the last 12 months," Lamb said in an interview. "The crystal ball is getting clearer."
Lamb cited five factors in particular that are changing and what IT managers and individual users can do to mitigate increasing mobile security risks.
The current situation
The trend toward making mission-critical data available to mobile users is just starting and will grow rapidly, Lamb said. Some of the factors contributing to that growth will also benefit hackers, he added.
For instance, mobile devices now have multiple ways of connecting to IP networks, such as third-generation (3G) technologies and Wi-Fi. And virtually all mobile devices now support Bluetooth, which is one of the primary ways that hackers get into mobile devices, he said. Illicit access initiated via Bluetooth include the so-called Bluejacking and Bluesnarfing gambits, in which hackers use Bluetooth to send malicious text or multimedia messages or invite innocent users to partake in unsafe services.
So far, though, these and other threats have been annoying but not serious, involving things such as propagation of the threat using addresses in the device's address book, Lamb said. Or they can result in users inadvertently signing up for bogus programs that are billed to their cellular accounts.
However, even at this early stage, cellular carriers in Europe, where these threats are most common, are working feverishly to improve security, Lamb said.
"It's already a huge carrier problem," he said. "They're starting to get a lot of calls from customers for things like address book spamming. You get a lot of MMS [multimedia messaging service] messages flying around [launched by attacks on phone address books], and it's using a lot of their network capacity. It's annoying for users, and it's hard for carriers."
- The 5 Big Lies About Going Mobile You've heard about the power of mobile to change your business. But have you realized your mobile potential? It's about much more than...
- Use the Mobile App Mix to Choose an Enterprise App Store Strategy In this research report Gartner outlines how organizations can optimally secure, distribute, and manage mobile applications for employees and contracted workers.
- The Case for Mobile Apps Today's mobile apps turn handheld devices into e-book readers, portable navigation systems, digital wallets and more. And for organizations with mobile workers, they...
- Transforming enterprise applications for mobile environments This new white paper explains how Dell Application Modernization and Development Solution Set can help you understand when to develop new mobile apps,...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Mobile Apps White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!