The spy in your pocket

Your mobile phone could turn from being your best friend to a devious enemy, according to security experts.


So far, people have worried about losing phones and the valuable data they now carry. Statistics show that phones are lost 15 times more often than laptops, while a recent report said that four percent of phones will be stolen each year.

But that risk can be mitigated, for example by encryption and by software able to remotely wipe the phone's memory. And although a high-profile individual might be targeted for data theft, most phones are stolen for the hardware, not the software.

The real danger is emerging elsewhere - and it tries to stay hidden, according to security experts. That means viruses, it means Trojans, and it means a new class of spyware which has been labelled by some as 'snoopware'.

It also ties in with a change in malware motivation, according to Amrit Williams, formerly Gartner's security research director and now CTO with IT security specialist BigFix. He adds that mobile devices bring extra problems because they are not tied to desks where they can be managed and secured, and because people often use the same phone for work and leisure.

"Viruses used to be damaging, but not the threat they are today. It has moved from vandalism to cybercrime, it's financially motivated and targeted at your infrastructure," he says. "Convergence creates very complex problems too - business assets and personal assets are blurring."

It can be quite difficult to get users and IT staff alike to appreciate that phones are at risk, says Todd Thiemann, device security director at anti-virus developer Trend Micro, which recently introduced firewall and IDS software for Windows Mobile, with a Symbian version on the way.

"People are used to mobile phones being rock-solid - they didn't need management," he explains. "But now these are little computers and there's a need to change that mindset."

It is smartphones that are at risk, not Java-capable 'feature phones', because smartphones can run background processes. Over 100 million smartphones will ship this year, according to IDC forecasts - they are the fastest growing category of phone, growing 77 percent a year compared to 27 percent overall.

Thiemann adds that smartphones are attracting more and more software developers, both good and bad. Nokia, for instance, has 2 million registered developers, while Windows Mobile has 650,000. "The malware community is cutting its teeth and learning how to create for these devices," he says.

It is not just your infrastructure that is being targeted - it is specific companies, and individuals within those companies, adds Paul Miller, the director of Symantec's wireless & mobile security group.

"Mobility makes people the perimeter," he says. "You can't rely on firewalls any more, so centralised IT security mobile security policies are coming in. But this is not a PC, so the IT department has to go through a learning curve.

"Every platform has its vulnerabilities, and then it's a case of the biggest bang for the buck. Right now it's Symbian, as that's 60 percent of the market, but Windows Mobile is the fastest growing.

"For every one mobile virus, there's 600 on the PC. But mobiles out-ship PCs five to one, and while they are like PCs in many ways, they also face new threats."

He says the first financially-targeted mobile phone viruses used premium SMS messages to empty the user's account, and warns that with mobile phones increasingly being used as payment vehicles, financial attacks will grow.

"The mobile payment mechanisms don't put the same effort into detecting unusual spending patterns that Mastercard and Visa do, and criminals will choose the easiest route," he explains.

However, Miller argues that a bigger risk could be the emergence of snoopware. The first spyware of this kind, called Flexispy, appeared earlier this year and is marketed as a way to track your children and keep tabs on your spouse.

"What I tell people is that snoopware puts a stranger in your bedroom and a competitor in your boardroom," he says. "The phone's always with you, it's always a threat - 70 percent of people use their mobile phone as an alarm clock."

What's innovative about snoopware is that it attacks the specific features of phones. It can secretly listen in on conversations, or use the phone's camera to take photos or video, say. It could also access other data on a smartphone and make use of that too, according to Miller.

"My phone has my calendar and contacts on it, and the microphone is just another application, so snoopware can consult my calendar for a great meeting and listen in," he says. "Mobile spyware is much more an invasion of privacy than logging keystrokes and URLs ever was."