Security threats to mobile devices are increasing and will reach critical proportions within 18 months, according to anti-virus firm McAfee.
The company says malware that targets devices such as smartphones, laptops and PDAs has increased 30 per cent since the beginning of 2006.
As the sophistication of mobile devices catches up with that of PCs they will contain more sensitive data and increase the security threat posed to corporate networks significantly.
Attacks can be launched via applications such as email, text messaging, web browsers, or via Bluetooth connections.
McAfee global threats team technology manager David Marcus says that until now the mobile security threat has been embryonic, but that is set to change.
‘Give it another year and mobile security will be an issue,’ he said. ‘Blueshooting from a malicious device can steal data from another Bluetooth-enabled mobile device without the victim even knowing.
‘Bluetooth was not designed with security in mind and varies from device to device, making it easier to target than to fix. The only way to protect against the threat is to switch it off.’
The shift towards a more mobile workforce will be paralleled by an increased security threat, says Shena Crowe, an FBI agent focused on cyber crime.
‘I guess you could call it the new frontier; we are living in a mobile community and I think we will see more mobile device threats,’ she said.
The mobile market in Europe is more sophisticated than in the US, and theft of data from mobile devices is already more prevalent. Stopping criminals from carrying out attacks will not be easy.
‘The mobile threat is still pretty new to the general population, and I have yet to see any prosecutions. We have to gather enough evidence to show intent, damage, and how much they have made,’ said Crowe.
‘The lack of cyber crime reporting is one of the biggest challenges we face in law enforcement; we find ourselves pulling threads on a spider web and seeing what moves.’
Crowe says the nature of data theft is becoming more targeted, including the theft of mobile devices.
‘In the past year and a half there have been some large-scale, targeted, profit-driven data thefts, which can sometimes be as simple as stealing a laptop,’ she said.
Ovum analyst Graham Titterington says sophisticated devices used by mobile workers carry sensitive corporate data, and will inevitably be targeted by fraudsters. Bluetooth is a particular point of vulnerability.
‘A professional mobile workforce will be using high-featured devices with the kind of computing power that viruses can infiltrate,’ he said.
Ellen Daley, analyst at Forrester Research, says businesses must start taking measures to combat mobile security threats.
‘Companies need to get serious about this by about mid-2007,’ she said.
What do you think? Email feedback@computing.co.uk
Further reading:
reader comments