With all the talk about smartphones such as the Apple iPhone 3G, security vendors have sought to stir up discussions about mobile phone security. While those mobile and wireless malware threats haven't fully materialized, this holiday season may be the time for consumers to begin arming themselves for the mobile malware battles ahead.
Even with all the good news lately regarding spam, with Thanksgiving days
away and Christmas around the corner, we can all safely assume cyber-criminals
will be hard at work.
For the rest of us, that means having up-to-date security software and
malware protection. But with the popularity of smartphones such as the
BlackBerry and Apple iPhone 3G on the rise, it may be time for consumers to
start thinking about securing these devices as much as their desktops and
According to the latest Mobile Market View, a consumer study of U.S.
mobile phone users conducted by The Kelsey Group with research partner ConStat,
almost 19 percent of mobile users now use a smartphone. Among those surveyed,
more than 49 percent plan to purchase an advanced mobile device in the next two
years. The survey was conducted in October and included responses from 512
mobile phone users aged 18 and older.
While security vendors have been sounding the alarm around mobile malware
for some time, the idea of a massive mobile malware attack has lived largely in
the realm of the theoretical. Compared with the threats to PCs, the amount of
malware in the wild targeting mobile devices remains relatively small.
With that in mind, Gartner analyst John Girard noted that what consumers
should be more concerned about is smartphones being lost or stolen.
"Most of the carriers offer smartphone data security and backup/restore
services," Girard said. "There is value in them."
Security vendors are trying to tackle this problem in their own way.
Kaspersky Lab, for example, includes a number of anti-theft features in its
Kaspersky Mobile Security offering. In the event of loss or theft, a user can
send a hidden SMS (Short Message Service) message to block access to the phone
until a preset password is entered. A similar feature can also wipe the phone's
While smartphone theft or loss may be the bigger threat, the presence of
malware targeting mobile phones suggests the saber-rattling by security vendors
may be for good reason. Take, for example, the polymorphic worm
WinCE.Pmcryptic.A, which targets smartphones running Windows CE platform on ARM
processors. As described by Symantec, the worm does little in the way of actual
damage, but forces the phone to dial premium rate numbers.
Other threats such as WinCE.Infomeiti steal information. That particular
worm, which targets the Windows CE platform and Windows Mobile 5.0, only works
on devices with a default language of Simplified Chinese.
Though the threat landscape in North America doesn't
seem to have caught up to the hype just yet, security vendors are placing their
bets that the tide will turn soon. A number of security vendors besides
Kaspersky make products for smartphones, from McAfee and Symantec to smaller
companies like ESET.
So while the immediate threats faced by mobile users
remain nowhere near those faced by PC users, you may end up buying security software
for your smartphone a few months from now anyway.