Mobile malware is stepping up

Richard Kirk, director of Fortify Software, claimed that people and organisations should expect more mobile Trojans in the future, after the Symbian Foundation has admitted it needs better safeguards to prevent malicious applications finding their way onto mobiles.

The Symbian Foundation acknowledged last week that its process for keeping malicious applications off Symbian OS-based phones needs improvement, after the botnet-building Trojan ‘Sexy Space' passed a security test.

Although this was a potentially serious failure in the foundation's audit procedure, claimed Kirk, it is an understandable mistake that the IT security industry's early movers and shakers probably made in the 1990s.

Kirk said: “Because of this, you can expect more of the same to happen in the weeks and months ahead, as the mobile industry gets to grips with its growing IT security teething troubles.”

He also said that the problem with mobile phones is that their processing capacity is increasing at a near-exponential rate, with some of the latest smartphones the technological equivalent of the PCs seen in the early part of this decade.

“Whilst the power of the average smartphone has soared on the last few years, the behind-the-scenes technology and security assurance practices required to prevent any security loopholes in the operating system and/or applications is not as up to speed as it is on the desktop/laptop platforms," said Kirk.

With high quality mobile email and internet access in a mobile device that remains constantly connected thanks to a mixture of GSM, 3G and WiFi connections, Kirk claimed that you have a potential recipe for a data leakage disaster in the making. The humble smartphone can offer hackers a nearly always-on back door into desktop PCs at home and corporate networks in the office.

See original article on scmagazineus.com