Do smartphones need security software?

As smartphones become more widely used and more advanced, they’re also becoming more prone to malware attacks. How at risk is your smartphone?

Mobile phones are becoming more advanced, with features that can almost match a computer in functionality. This theoretically means that a smartphone is susceptible to the same security threats, yet they're continuously left unprotected.

The number of people using smartphones as a work tool has increased hugely in the last three years, and analyst group IDC has predicted that more than 70 per cent of workers will be using their mobile phone to connect to corporate networks within four years.

However, mobile phones are not secured in the same ways as a computer.

David Emm, a member of the Global Research and Analysis Team at Kaspersky Lab says that at a recent IT security event, only 30 per cent of visitors admitted that the security features put in place on their computers covered mobile phones and PDAs.

Graham Cluley, Senior Technology Consultant at Sophos agreed that people don't secure mobile phones as much as they should.

"Many people don't have a secure password on their mobile phones or their companies have not implemented encryption to ensure that the sensitive data remains secure," he explained.

The risks

To Cluley, the biggest risk presented by mobile phones is when they are lost and end up in the wrong hands, with sensitive data unprotected.

Solutions do exist to protect data from being extracted from a lost or stolen mobile phone. A number of companies, including BlackBerry, have created software which enables the owner to secure all data and prevent access to it until the device is recovered and, in the case of theft, automatically wipes all information remotely.

"Although some mobile phone viruses exist they are very small in number compared to viruses infecting regular Windows computers. The mobile viruses we have seen appear to have largely been written by teenagers showing off rather than with the financial motivation which drives most malware today," explained Cluley.

Most of the threats we have seen so far have been designed for the Symbian platform, but Windows Mobile threats have also been detected, with one security risk for iPhone discovered last year, in the form of a trojan.

However, Emm has seen evidence of an attack that could become more of a concern.

"In January of this year we detected a Crimeware program (a trojan known as SMS.Python.Flocker Trojan) for Symbian, one of the most common mobile phone operating systems worldwide, that targeted customers of an Indonesian mobile phone operator, which offers a money transfer service," he wrote in a report.

The trojan virus sent SMS messages to customers with instructions to transfer money to the cybercriminal's account.

Viruses can infect mobile phones in a number of ways, although to date most have been transferred via Blutooth and MMS messaging. However, in theory, they could also be sent via email and web downloads as more people use smartphones as communication and web devices, said Cluley.

Time for phone antivirus

Despite the risk being fairly low in comparison to PC infections, Cluley explained that installing security software is still beneficial to some.

"You may wish to run anti-malware protection on your mobile phones to ensure a consistent security policy across all of your computing devices. Mobile phones can carry and forward malware which would run on a Windows desktop computer, even if it can't infect the phone itself."

Inevitably, we would expect to see more mobile malware in the future, but it doesn't look as though it's going to be anything like as big a problem as PC problems for some years.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021
Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021