Smartphones Open the Door to New Mobile Threats
They are sleek, they are powerful, and they are a wish list standard. Smartphones, like iPhone and BlackBerry, are creating a collective buzz that can be heard worldwide.
The hype is well deserved. Mobile devices have matured and with their coming of age we now have capabilities that seemed far-fetched only a few years ago. For employees and executives the world over, smartphones make corporate data and applications available anytime, anywhere.
But just as a smartphone is now capable of downloading data and applications wirelessly, so can it download viruses, spyware, even pornographic content, without a user’s consent. The use of flash memory cards on some phones opens yet another door for malware to spread to these devices.
The threat is real and growing. A recent PC World article reports that malware writers are ramping up their activity in the mobile arena, learning from proof-of-concept threats and fine-tuning the amount of user interaction required to propagate the damage.
According to SMobile Systems, a company that specializes in mobile security, there are over 400 wireless threats currently, and more are predicted to arise by year’s end. The threats can take many forms. Among the attacks are those that attempt to delete data, those that record a user’s phone calls, and those that send SMS text messages with links to malicious web sites.
It is a simple equation: greater use equals greater exposure. The explosion in smartphone use and the productivity gains that come with it have increased the security risks for corporations. Given their functionality, smartphones should be treated as an extension of the computing network system, just as desktops and laptops are.
Until recently, enterprises were wary of pushing business applications onto mobile devices. Security concerns were also a primary focus for corporate users given the potential consequences and cost of exposing sensitive data. But strong demand has begun to turn the tide. In this endeavor, it is critical that IT organizations address security issues early on.
Different types of suppliers are working to deliver solutions – smartphone manufacturers, mobile networks, and security vendors – and increasingly finding that by coming together they have a better chance to prevent security issues from compromising the uptake of mobile technologies.
Matt Hines from InfoWorld recently spoke with several security executives. From Kara Hayes, a senior product manager at Nokia, he reports that encryption is one solution that is generating great interest. And from Scott Totzke, from Research in Motion, the maker of the BlackBerry, he reports that customers are increasingly demanding ways of protecting data. The InfoWorld article quotes Totzke on customer’s needs: “They want tools to kill information or lock it down when a handheld is lost, they want to encrypt sensitive data in transit and at rest, and there are growing concerns about compliance.”
Providers of security solutions are extending their reach by working directly with mobile operators. One of them, Finnish company F-Secure offers security bundles through mobile operators, such as T-Mobile and Swisscom, and mobile handset manufacturers such as Nokia.
Time will tell if mobile threats escalate as is assumed that they will. But following security best practices should be an equally wise move, whether using a smartphone or any other type of computing device.
When it comes to the using the Web, nothing is quite like content. Internet users spend more time online viewing news or entertainment content than on sending e-mail, shopping or searching for information. A study conducted by Nielsen/ NetRatings logged a 37 percent rise in the amount of time spent viewing online videos and news. Overall, nearly half of time spent online in 2007, 47 percent, is made up of viewing content. The study sites the explosion of web content, like social networking sites, along with an increase in online speeds as factors in the increase.
Term of the Month
The Hosts File is a file stored on your computer that is used to look up the Internet Protocol (IP) address of a device connected to a computer network. Some spyware changes your Hosts File in order to redirect you from a site you intended to visit to sites that the spyware company wants you to see.
Source: Anti-Spyware Coalition Glossary
You already know the paid versions of Lavasoft’s anti-spyware software have vital real-time protection to relieve the burden of constant malware attacks. But Ad-Aware 2007 Plus and Pro versions also include built-in privacy and security tools, for example, the Hosts File Editor. You can use the Hosts File Editor to take control of your Web navigation by blocking advertisement sites, reversing browser hijack entries, assisting with parental controls, and creating navigation shortcuts. To use the Hosts File Editor in Ad-Aware 2007, from the “Tools and Plug-ins” tab, select “Tools” and then click “Hosts File Editor.” New users can find more specific directions in the Ad-Aware 2007 Product Manual.
Creating strong online passwords is one piece of the security equation. If you are wondering just how secure that password you have created really is, Lavasoft News has come across a website you can use to rate passwords, to help you learn how to create better ones. Try out the “Password Strength Meter” on Securitystats.com. Remember, even though the site will not store the passwords you enter, test a password similar to one you might use (not your real password), as the site advises.