Your smartphone today is most likely more powerful and feature-rich than your desktop computer was only ten years ago.
And smartphones are on track to eclipse the number of PCs as the preferred method of both personal and professional computing (Deloitte Study declares 2011), so cybercriminals have turned their attention to these rapidly multipying mobile devices.
“In a recent survey of large businesses, it found that nearly 40 percent considered smartphones the device type posing the largest security threat.
The popularity of mobile payments and the increased use of banking on mobile phones in Europe and Asia that are leading malware to the mobile phone. Lack of security awareness among cell phone users and carelessness are two of the most important risk factors for smartphones.
According to Panda Security, 90.34% of mobile malware targets the most popular Symbian mobile operating system (OS),platform, 4.14% targets Windows Mobile, 3.35% targets Palm OS, and 2.07% targets J2ME. Trojan programs, however, represented 62.16% of malware samples. Luis Corrons, technical director of PandaLabs, attributes the prevalence of Trojan programs to efforts by cybercriminals to overwhelm the defenses mustered by computer security companies.
“Mobile systems lag far behind the established industry standard for open disclosure about problems and regular patch distribution,” according to former Google Android security framework engineer Chris Palmer, who is now technology director of the nonprofit Electronic Frontier Foundation. Apple also tends to ship patches for terrible bugs in a lackadaisical fashion. An example: iOS 4.2 (shipped in early December 2010) contained fixes for remotely exploitable flaws such as this FreeType bug that were more than several months old at the time of patch release. To ship important patches so late is below the patch standard established decades ago by Microsoft and Ubuntu.
Should we learn from Europe’s and Southeast Asia’s telephony malware dilemma, as reported in the NY Times and PC Magazine?
Read on for prevention and Industry Best Practices…