Mobile viruses: Five things every CIO and IT manager should know
Bob Egan, Mobile Competency
10.11.2004
Rating: -4.00- (out of 5)
Bob Egan's weekly column
September 23, 2004 issue
What's happening
Mobile viruses began appearing in mid-June. The first two types -- the Cabir worm and Mosquito Trojan -- target smartphones that run the Symbian Series 60 operating system, while a third -- Duts1520 -- attacks devices running PocketPC.
Our Take
As wireless devices grow in sophistication and number -- more than one billion are in use worldwide -- it's no surprise that virus writers have begun targeting them. What's surprising is how quickly and how many ways they've found to exploit them. Enterprises should not underestimate this emerging threat.
Recommendations
CIOs and IT managers should immediately create policies aimed at protecting against mobile viruses. They also should require their wireless carriers to outline their network safeguards.
Summary
There are at least five things that every enterprise should know about mobile malware:
- What are mobile viruses? Like malware in the wired world, mobile viruses are small programs that infect a host device -- in this case, smartphones and wireless PDAs. Some of the initial viruses appear to be harmless in the sense that they don't create back doors or destroy data. Others – such as Mosquito – hijack the device into calling special phone numbers that carry high fees, running up the owner's bill.
- Which devices and platforms do they target? The initial crop of viruses attack devices running Symbian Series 60 or PocketPC. Symbian almost certainly was chosen because it's the most widely used smartphone OS, so it's safe to assume that it will be the target of more viruses. However, we expect other platforms to fall victim over the next few months.
- How do they spread? The Mosquito Trojan is hidden inside a game that's downloaded over a wireless network, while Cabir is spread via Bluetooth. The variety of entry points is troubling because it shows that virus writers already have a good grasp of wireless devices' vulnerabilities.
- How can we protect against them? Expand company wireless policies to forbid downloading games and other applications not directly related to work. Educate employees about the sources and symptoms of mobile viruses, including related threats such as Bluejacking and Bluesnarfing. Explore antivirus software for mobile devices. Require wireless carriers to outline their network safeguards.
- How do we remove them? These are the early days of mobile viruses, so effect removal techniques are being developed on the fly. Uninstalling the program that carries a Trojan appears to work in the case of Mosquito. The Web sites of Symbian and virus hunters such as F-Secure also are good sources of tips for identifying and removing viruses.
Bob Egan is president and CEO of Mobile Competency, a Providence, R.I.-based market analyst and consultancy. He can be contacted at bob@mobilecompetency.com or via phone at 401-241-4000.
|
|
Rate this Tip
|
To rate tips, you must be a member of SearchMobileComputing.com.
Register now
to start rating these tips. Log in if you are already a member.
|
DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
|
|
|
|
|
|
|
