Problem solve Get help with specific problems with your technologies, process and projects.

Mobile viruses: Five things every CIO and IT manager should know

As wireless devices grow in sophistication and number it's no surprise that virus writers are targeting them. Here's 5 things every IT manager should know about mobile malware.

Bob Egan's weekly column
September 23, 2004 issue

What's happening

Cabir worm Mosquito Trojan Duts1520
Mobile viruses began appearing in mid-June. The first two types -- the and -- target smartphones that run the Symbian Series 60 operating system, while a third -- -- attacks devices running PocketPC.

Our Take

As wireless devices grow in sophistication and number -- more than one billion are in use worldwide -- it's no surprise that virus writers have begun targeting them. What's surprising is how quickly and how many ways they've found to exploit them. Enterprises should not underestimate this emerging threat.

Recommendations

CIOs and IT managers should immediately create policies aimed at protecting against mobile viruses. They also should require their wireless carriers to outline their network safeguards.

Summary

  1. What are mobile viruses? Like malware in the wired world, mobile viruses are small programs that infect a host device -- in this case, smartphones and wireless PDAs. Some of the initial viruses appear to be harmless in the sense that they don't create back doors or destroy data. Others – such as Mosquito – hijack the device into calling special phone numbers that carry high fees, running up the owner's bill.

  2. Which devices and platforms do they target? The initial crop of viruses attack devices running Symbian Series 60 or PocketPC. Symbian almost certainly was chosen because it's the most widely used smartphone OS, so it's safe to assume that it will be the target of more viruses. However, we expect other platforms to fall victim over the next few months.

  3. How do they spread? The Mosquito Trojan is hidden inside a game that's downloaded over a wireless network, while Cabir is spread via Bluetooth. The variety of entry points is troubling because it shows that virus writers already have a good grasp of wireless devices' vulnerabilities.

  4. How can we protect against them? Expand company wireless policies to forbid downloading games and other applications not directly related to work. Educate employees about the sources and symptoms of mobile viruses, including related threats such as Bluejacking and Bluesnarfing. Explore antivirus software for mobile devices. Require wireless carriers to outline their network safeguards.

  5. How do we remove them? These are the early days of mobile viruses, so effect removal techniques are being developed on the fly. Uninstalling the program that carries a Trojan appears to work in the case of Mosquito. The Web sites of Symbian and virus hunters such as F-Secure also are good sources of tips for identifying and removing viruses.


Mobile Competency bob@mobilecompetency.com
There are at least five things that every enterprise should know about mobile malware: Bob Egan is president and CEO of , a Providence, R.I.-based market analyst and consultancy. He can be contacted at or via phone at 401-241-4000.
This was last published in October 2004

Dig Deeper on Enterprise mobility strategy and policy

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchNetworking

SearchUnifiedCommunications

SearchSecurity

Close