Mobile Malware on the Rise
Guest Blog: Andrew Ford
A friend of mine shared an interesting story with me; A week ago she unfortunately dropped and broke her smartphone but fortunately she had taken out insurance. So a quick visit to the original supplier resulted in a replacement phone two days later. Before collecting her replacement phone she diligently backed everything up... except her photos. The shop assistant said not to worry because he could download the photos, from her damaged smartphone, onto a USB key (via a laptop in the store). She could then upload the images onto her own PC at home. As the download would take nearly an hour she happily left her smartphone in the store while she went about her business rather than wait, guarding her phone, while the download completed. How trusting of her! When the download was complete my friend’s new smartphone was returned along with a USB stick full of photos, however she wouldn’t have known if such precious data went elsewhere as well!
There is no way I would consider leaving my unlocked smartphone in a store with a shop assistant I didn’t know while photos were downloaded. How could my friend be sure only her photos were being downloaded? How could she be sure her phone wasn’t being infected with malware? How did she know her phone wasn’t being cloned? Perhaps I am a cynic as I work in the mobile security business but smartphones have all our personal details stored on them so I would be extremely reticent to leave it unattended, even for a minute. This experience coupled with findings from Symantec’s recent Internet Security Threat Report (ISTR) show that mobile vulnerabilities increased by 93% in 2011.
With the number of vulnerabilities in the mobile space rising and malware authors not only reinventing existing malware for mobile devices, but creating mobile-specific malware geared to the unique mobile opportunities, 2011 was the first year that mobile malware presented a tangible threat. We need to be even more vigilant as these threats are specifically targeting sensitive data. We don’t need to help the cybercriminals by being lax in looking after our smartphone and mobile devices. It continues to be important to ensure we password protect our devices and consider using mobile security software from a trusted supplier. We all need to look after our devices with the same vigilance as we look after our wallet, purse or house keys.
For further reading you can check out www.MobileSecuirty.com NB. This website is in beta at the moment so please do tell us what you think.