Bob Egan's weekly column
September 23, 2004 issue
What's happening
Mobile viruses began appearing in mid-June. The first two types -- the Cabir worm and MosquitoRequires Free Membership to View
SearchMobileComputing.com members gain immediate and unlimited access to expert guides for mobile deployment, management and security, industry trends, and more-- all at no cost. Join me on SearchMobileComputing.com today!
Kate Gerwig, Editorial Director
Trojan -- target smartphones that run the Symbian Series 60 operating system, while a third -- Duts1520 -- attacks devices running PocketPC.
Our Take
As wireless devices grow in sophistication and number -- more than one billion are in use worldwide -- it's no surprise that virus writers have begun targeting them. What's surprising is how quickly and how many ways they've found to exploit them. Enterprises should not underestimate this emerging threat.Recommendations
CIOs and IT managers should immediately create policies aimed at protecting against mobile viruses. They also should require their wireless carriers to outline their network safeguards.Summary
There are at least five things that every enterprise should know about mobile malware:- What are mobile viruses? Like malware in the wired world, mobile viruses are small programs that infect a host device -- in this case, smartphones and wireless PDAs. Some of the initial viruses appear to be harmless in the sense that they don't create back doors or destroy data. Others – such as Mosquito – hijack the device into calling special phone numbers that carry high fees, running up the owner's bill.
- Which devices and platforms do they target? The initial crop of viruses attack devices running Symbian Series 60 or PocketPC. Symbian almost certainly was chosen because it's the most widely used smartphone OS, so it's safe to assume that it will be the target of more viruses. However, we expect other platforms to fall victim over the next few months.
- How do they spread? The Mosquito Trojan is hidden inside a game that's downloaded over a wireless network, while Cabir is spread via Bluetooth. The variety of entry points is troubling because it shows that virus writers already have a good grasp of wireless devices' vulnerabilities.
- How can we protect against them? Expand company wireless policies to forbid downloading games and other applications not directly related to work. Educate employees about the sources and symptoms of mobile viruses, including related threats such as Bluejacking and Bluesnarfing. Explore antivirus software for mobile devices. Require wireless carriers to outline their network safeguards.
- How do we remove them? These are the early days of mobile viruses, so effect removal techniques are being developed on the fly. Uninstalling the program that carries a Trojan appears to work in the case of Mosquito. The Web sites of Symbian and virus hunters such as F-Secure also are good sources of tips for identifying and removing viruses.
Bob Egan is president and CEO of Mobile Competency, a Providence, R.I.-based market analyst and consultancy. He can be contacted at bob@mobilecompetency.com or via phone at 401-241-4000.
This was first published in October 2004