Smartphones: The New Hacker Frontier
In the first quarter of 2010, statistics show that global smartphone shipments topped 54 million – a 57 percent jump from the previous year. With such growth, it should come as little surprise that hackers are adapting their tested methods for infecting computers to attack Internet-enabled mobile and smartphones.
To date, the biggest smartphone breach occurred on Google (Nasdaq: GOOG) Android phones. Users that downloaded certain wallpaper applications actually opened their phones up to hackers who harvested the phone and voice-mail numbers, as well as data used to disclose a user's physical location. The wallpapers were downloaded more than 1 million times, and information was transmitted to a Chinese Website. In one week, Google had to take down more than 80 such applications to protect its users.
Such attacks underscore the potential for hackers that are looking at Web browsing and application downloads as two fertile fields from which they can gain valuable information. And as hackers become more creative with their efforts, there is no doubt they will turn their attentions to hacking phones used by enterprises and organizations in order to glean even more nefarious treasure.
Enterprises and organizations should be taking strong measures to counter such attacks now, as discussed in the new Heavy Reading Mobile Networks Insider report, "Mobile Security: The Coming Boom in Authentication." Companies analyzed in this report include: ActivIdentity Corporation ; Arcot Systems ; Diversinet Corp. ; Entrust Inc. ; PhoneFactor Inc. ; PortWise AB ; SafeNet Inc. (Nasdaq: SFNT); and Vasco Data Security International Inc.
The number of smartphone attacks is small compared to that of PC attacks – there are about 40 million known malicious programs that target PCs, as opposed to about 600 for smartphones. But enterprise IT professionals and mobile authentication vendors agree that the next 12 months will see an astronomical increase in the number of attacks against smartphones.
Several factors will drive those attacks. Smartphone users are not smart when it comes to protecting their information, with most still relying on simple passwords as their only form of security. Also, enterprises and organizations – especially those in the financial services and healthcare industries – are increasingly introducing new applications for smartphone users, giving hackers access to banking, credit card, and other vital information.
Smartphone protection must be implemented at the enterprise level. Companies should already utilize two-factor authentication and other security afforded by mobile authentication vendors. Once enterprises force their employees to understand the importance of protecting mobile devices, there will be a trickle-down effect to the consumer market.
Meanwhile, mobile authentication vendors must remain diligent about making their solutions affordable and simple to use. As PC users have shown, the only types of security measures that succeed are those that do not infringe on speed and utility. As vendors continue to create and market such solutions, enterprises will have no choice but to face the reality that smartphones are the new hacker frontier.
— Denise Culver, Research Analyst, Heavy Reading Mobile Networks Insider
The report, Mobile Security: The Coming Boom in Authentication, is available as part of an annual single-user subscription (six issues) to Mobile Networks Insider, priced at $1,595. Individual reports are available for $900. To subscribe, please visit: www.heavyreading.com/mobile-networks.