Do smartphones need security software?
As smartphones become more widely used and more advanced, they’re also becoming more prone to malware attacks. How at risk is your smartphone?
Mobile phones are becoming more advanced, with features that can almost match a computer in functionality. This theoretically means that a smartphone is susceptible to the same security threats, yet they're continuously left unprotected.
The number of people using smartphones as a work tool has increased hugely in the last three years, and analyst group IDC has predicted that more than 70 per cent of workers will be using their mobile phone to connect to corporate networks within four years.
However, mobile phones are not secured in the same ways as a computer.
David Emm, a member of the Global Research and Analysis Team at Kaspersky Lab says that at a recent IT security event, only 30 per cent of visitors admitted that the security features put in place on their computers covered mobile phones and PDAs.
Graham Cluley, Senior Technology Consultant at Sophos agreed that people don't secure mobile phones as much as they should.
"Many people don't have a secure password on their mobile phones or their companies have not implemented encryption to ensure that the sensitive data remains secure," he explained.
To Cluley, the biggest risk presented by mobile phones is when they are lost and end up in the wrong hands, with sensitive data unprotected.
Solutions do exist to protect data from being extracted from a lost or stolen mobile phone. A number of companies, including BlackBerry, have created software which enables the owner to secure all data and prevent access to it until the device is recovered and, in the case of theft, automatically wipes all information remotely.
"Although some mobile phone viruses exist they are very small in number compared to viruses infecting regular Windows computers. The mobile viruses we have seen appear to have largely been written by teenagers showing off rather than with the financial motivation which drives most malware today," explained Cluley.
Most of the threats we have seen so far have been designed for the Symbian platform, but Windows Mobile threats have also been detected, with one security risk for iPhone discovered last year, in the form of a trojan.
However, Emm has seen evidence of an attack that could become more of a concern.
"In January of this year we detected a Crimeware program (a trojan known as SMS.Python.Flocker Trojan) for Symbian, one of the most common mobile phone operating systems worldwide, that targeted customers of an Indonesian mobile phone operator, which offers a money transfer service," he wrote in a report.
The trojan virus sent SMS messages to customers with instructions to transfer money to the cybercriminal's account.
Viruses can infect mobile phones in a number of ways, although to date most have been transferred via Blutooth and MMS messaging. However, in theory, they could also be sent via email and web downloads as more people use smartphones as communication and web devices, said Cluley.
Time for phone antivirus
Despite the risk being fairly low in comparison to PC infections, Cluley explained that installing security software is still beneficial to some.
"You may wish to run anti-malware protection on your mobile phones to ensure a consistent security policy across all of your computing devices. Mobile phones can carry and forward malware which would run on a Windows desktop computer, even if it can't infect the phone itself."
Inevitably, we would expect to see more mobile malware in the future, but it doesn't look as though it's going to be anything like as big a problem as PC problems for some years.