Mobile will be under attack

Thursday, 22 May 2008 00:00 Written by By Kirsten Doyle and Ilva Pieterse

Mobile devices need the same protection as PCs, says former White House advisor MOBILE DEVICES and applications are the next logical place to go for the next generation of destructive activity, says , former White House cyber advisor and president and CEO of R&H Security Consulting.

Schmidt said in his keynote address at the ITWeb Security Summit 2008: "As we become more dependent on our mobile devices, we`ll become more vulnerable to attacks. A new generation of mobile applications, that are easy to use and financially viable, are being developed, but who is looking after the security of these applications? Who is developing anti-virus software and encryption? Not many people are doing it."

Johnny Cache, hacker for hire, agreed: "Mobile devices are running real operating systems; therefore, they must be treated like computers and have comparable security."

The hardware on mobile devices is so advanced it has turned them into real computers. According to Cache, this makes them an attractive target. The 400MHz processors on phones are comparable to laptops of only a couple of years ago. The huge investment of time has been removed, as there is a whole industry of standardised operating systems, and code that attacks them all. This is what is making mobile devices attractive targets today.

Barclays deputy head of group information risk management Mark Logsdon said as financial institutions are increasingly operating from a mobile platform, new security issues were raising their heads.

"New vulnerabilities are arising with mobile banking, driving new solutions and challenges all the time."

Schmidt said the traditional virus companies were best positioned to tackle mobile security, but commercially they are still ahead of the curve there was still not enough user demand for them to focus on it. New players might emerge to fill the gap. In the meantime, security professionals should use their experience to do preventative work, he said.

He commented that significant progress had been achieved in protecting fixed infrastructure networks, and that experience should be used in pre-empting mobile vulnerabilities. In August, it will be five years since the last major Internet outage, such as the Nimda virus attack that caused a massive ripple effect across the Internet.

"We`ve been doing a pretty good job," he said.

Schmidt likened a security infrastructure to the Taj Mahal, which is made up of tiny individual tiles - each is different, but each plays a role in making up the whole structure. "I`m asking you as an individual to be part of that mosaic - to do your part to make your environment more secure, robust, richer, more resilient and more secure."

Tags: Security  Summit