Against the backdrop of growing workforce mobility and smartphone sophistication, viruses, worms and Trojans have gone mobile.
Costin Raiu, chief security expert and head of Kaspersky's virus lab for Eastern Europe, the Middle East and Africa, argues that current trends and the latest malware samples suggest that it will not be long before the present steady stream of threats turns into a flood.
Smartphones remain a hot topic in security circles, with good reason. The devices sit at the confluence of a number of trends, which suggests that they represent the next major malware frontier.
The first trend, workforce mobility, continues to grow and has led to the proliferation of smartphones throughout the world.
The second important trend is device usage and the current generation of smartphones are sophisticated enough to have become integral to the conducting of business online. They are now routinely used to perform confidential tasks, including banking, and to store valuable, private data.
The third trend is the rapid increase in mobile and online services, each one a potential revenue stream for cybercriminals.
The situation is even more acute for corporate networks since mobile workers regularly have to access sensitive data on corporate networks from outside the enterprise firewall. Potential infection rates are higher than before because the devices now make use of Bluetooth and WiFi links, as well cellular wireless networks. Not only that, but infections can potentially spread throughout the organisation much quicker now that enterprises have started to standardise their smartphone platforms.
These converging trends make smartphones attractive, almost irresistible targets and there is a wealth of evidence demonstrating how lucrative smartphone malware is becoming. If your device hasn't been infected by a virus yet, this might change in the near future.
While current threat levels remain significantly below those of PCs and desktops, the devices are not immune to attacks. More than 500 viruses and other types of malware that specifically target smartphones have already been identified and a steady stream of around 10 new threats are confirmed each week.
The nature of the malware threat is also evolving quickly. The first worm for mobile phones, Cabir, appeared in June 2004 and, in the short period of time since then, an array of viruses, worms and Trojans for mobile devices have appeared – a collection of threats that otherwise took 20 years to develop on PCs.
Cabir also reveals how swiftly the malicious code can be spread. The worm, which transmits itself between devices using the Bluetooth wireless network, has already been reported in over 40 countries across the globe. What makes Bluetooth particularly attractive to hackers is the fact that many users keep their Bluetooth-enabled devices in 'discoverable' mode, leaving them open targets for infection.
While smartphone malware is still rather simple in comparison to its PC-focused counterpart, its consequences can be equally costly. The effects vary from making the device completely unusable while the worm remains installed, using the device to make unauthorised calls or to send SMS messages to premium rate numbers, to information theft 'crimeware' – such as Brador, Flexspy or other mobile Trojans – that allow the malware author to steal confidential data stored on a mobile device.
The first Trojan targeting mobile phones running Java applications was discovered in 2006. Trojan-SMS.J2ME.RedBrowser.a spreads in the guise of a program called RedBrowser, which claims to let victims visit WAP sites by sending and receiving free SMS messages instead of using a WAP connection. However, the Trojan actually sends SMS messages to premium rate numbers for which the victim is charged.
"History teaches us that technological 'ease of access' always pre-empts security and that the lag is, naturally, exploited vociferously. It is also clear that the use of smartphones has gained critical mass and made the devices irresistibly attractive to cyber criminals," says Cabir. "We suspect it will not be long before the present steady stream of threats turns into a flood."