Recognizing that mobile threats are looming on the horizon, AT&T will offer wireless-security services to consumers in 2012, according to an AT&T executive.
mobile devices are on the rise. However, mobile users are particularly
vulnerable as they don't protect their devices because they assume there is
very little risk.
To defend against mobile
threats, AT&T is planning to roll out wireless-security services for
consumers, John Stankey, the head of AT&T's enterprise business division,
told Reuters May 16. The company already offers similar security services for
its business customers to protect employee cell phones.
AT&T consumers shouldn't
expect to see these services before 2012, as Stankey said there's very little demand
from consumers for mobile-security products at this time. Stankey didn't
provide a lot of details, and wasn't clear whether it would be a paid service.
"When you start asking
them what's your willingness to pay for a solution, if they're not a little
frightened, their willingness to pay is nothing," Stankey said, just
Technology Media and Telecommunications Summit
in New York City.
The security service would
be an easier sell to customers as they become more aware of the threats,
according to Stankey. Once consumers are primed to thinking about mobile
threats, subscription-based antivirus services will become as relevant to
mobile devices as they currently are on desktops and laptops, Stankey
A 2010 SANS Institute report
found only 15 percent of smartphone users currently have an antivirus
application on their phones.
Several myths about mobile
malware are contributing to consumer complacency, according to Amit Klein, CTO
of security firm Trusteer. Klein addressed trends in mobile malware during a
keynote at the AusCERT information security conference in Australia on May 17.
Some myths include claims
that sandboxes will prevent malware from compromising the device, that
malicious applications can't appear on legitimate application markets or that there is no money in creating malicious mobile applications,
according to Klein. "All myths will be proven wrong," Klein said.
A recent report from Juniper
Networks found that Android
jumped 400 percent over the past six months. The threats may come
in the form of malicious applications stealing user data, phishing attacks and
spam sent to premium numbers, the report found.
Android devices aren't the
only ones under attack, as iPhones are vulnerable to adware and the Zeus
has variants that target BlackBerry
Symbian and Windows Phone 7 phones, according to security experts.
"Hackers always go to
where there's a base of people to attack," AT&T's Stankey said.
Even though the volume is
increasing, the threat is not actually here yet. Mobile devices are not yet a
big enough target for malware writers, but this would likely change in the next
12 months, according to Klein. Stankey predicted a "spike" in 2012.
Klein noted that phone
malware has evolved over the years, from high-cost spam messages sent via SMS (Short
Message Service) that tricked users into dialing premium-rate international
numbers to Trojans that sent users to a phishing site to steal log-in
credentials to sensitive sites. The current crop of malware is more
sophisticated and can stealthily intercept and delete SMS messages, send email
messages and run applications without the user's knowledge. The next group of
malware will be even more advanced, with botnet tendencies to control devices,
according to Klein.
Criminals are waiting for
the "critical mass" to adopt mobile banking, according to Klein. "Once the
money is there, they'll be there within, not years this time, but months,"
The Juniper report said
mobile malware currently accounted for less than 1 percent of all malware