June 24, 2008
Cell Security Seen As Profit Frontier
By Byron Acohido
The race is on to get businesses and consumers to pay for security for their cellphone the way they do for their PCs.
Security firms are also pitching more elaborate protections to corporate buyers. "Mobile devices represent the most porous piece of the IT infrastructure," says Jeff Aliber, senior director of anti-virus supplier Kaspersky Lab.
Having saturated PCs and networks with data-stealing programs and financial scams, cybercriminals are following people as they e-mail, text message and surf the Internet from their mobile devices. So far, cellphone users have not faced any pervasive threats "because it's still faster and easier for hackers to earn money in the PC domain," says Jan Volzke, McAfee's director of mobile security.
But recent developments suggest an opening for more wide-scale attacks. Verizon and AT&T this year outbid Google for a swath of airwaves. At Google's urging, the Federal Communications Commission required the telecoms to provide open access to any programmer who develops Web applications designed to run on devices that use those airwaves.
That ruling is expected to spawn a wave of cool applications for mobile browsers at a time when cutting-edge iPhones, Windows Mobile smartphones, RIM BlackBerrys and Palm Treos are gaining in popularity. As use of cellphones that act more like PCs reach critical mass, so will phone hacking.
"It's going to be like the early days of Web applications, people throwing code together as fast as they can, giving no thought to security," says Aliber.
Tech analyst Jack Gold, of J. Gold Associates, predicts that in the next few months, profit-minded hackers will take aim at the hottest mobile device on the market. "You're going to see a lot of malware being written for the iPhone," says Gold.
The bad guys are certainly ready to pounce. One recent attack spread a program called InfoJack that infected Windows Mobile smartphones. InfoJack disabled the phone's security settings and connected it to a server in China, giving the intruder a way to install malicious programs.
Cybercrooks are most likely to seek tech-gadget lovers who use cellphones to access corporate networks, or to shop and bank online. "The more sensitive data you store on that device, the more valuable it is to an attacker," says Mark Kominsky, CEO of Bluefire Security Technologies, a mobile devices security company. (c) Copyright 2008 USA TODAY, a division of Gannett Co. Inc. <>>