Mobile Security: The New Face of Digital Terrorism
Author: Eric Everson

Hackers have been on the leading edge of digital terrorism for at least ten years now which has put cybersecurity into the national spotlight under the Obama Administration. Issues such as denial-of-service (DoS) attacks, attacks on government contractors, and the recently reported breach of defense contractor computers that let hackers get information on the Joint Strike Fighter, suggest that hacking has become commonplace in the computing industry, but is there a greater threat looming?

Looking at the digital security environment, there is one digital front that remains largely untouched by existing cybersecurity policy: mobile security and the great wireless vulnerability. The world has become completely dependent on mobile communication devices from basic cell phones to advanced smartphones. Throughout the world the use of mobile communications continues to rise and new frontiers of mobile commerce (i.e. mobile banking/payments) are finding their way into less developed markets. The reality is that cell phones are everywhere we look, but the issue is that handset-level security remains our greatest digital security vulnerability.

Why would a terrorist want to write code for your cell phone? A simple question, yet one that offers a frightening glimpse into our global issue of mobile security. In mobile communications the wireless industry operates in a network-secure environment and leaves handset-level security up to the mobile user. This has fostered an environment where the wireless network-level itself has safeguards in place, but the majority of mobile devices remain open to attack. The reality of digital terrorism in the mobile environment is that through the use of readily available Mobile Operating System (MOPS) Software Development Kits (SDKs) entire wireless markets could be systematically infected and ultimately shutdown in a DoS type of attack at the handset-level.

We’ve already seen mobile viruses that are capable of replicating themselves by auto-disseminating through your contact list. We’ve already seen the large-scale implications of JavaMite mobile viruses capable of attacking the Java-enabled plane of entry (globally nearly 80% of mobile handsets in operation today are Java-enabled). With mobile threats on the rise and an increasing arsenal of mobile hacker tools becoming readily available, the new face of digital terrorism is mobile in nature. Imagine the ability to cut off mobile communications to an entire city, country, or even continent and this is the raw power of digital terrorism that we face. Sure, the network-level has its safeguards, but what is protecting phones at the handset-level? This is something that handset manufacturers are fighting through their own unique methods but an issue that is becoming of increasing concern for mobile users… and government officials.

Remember the whole spy-proof smartphone debacle surrounding President Obama’s love of his BlackBerry? The reality is that data mining is easily accomplished via mobile handsets through any number of mobile keyloggers that are available on the open market. Whether reading someone’s messages or looking for more specific data, the technologies to access this proprietary data can be easily adopted by anyone with basic software skills. There are so many issues from data high-jacking to mass DoS attacks that are pushing their way into the mainstream realm of the digital security environment. The growth of mobile banking and the global reliance on mobile handsets is attracting hackers to this newest theater of mobile vulnerability.

Eric Everson is a leader in mobile technologies and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com

Ref: Wired.com

0 Comments | Add a Comment | Permalink

Mobile Security: The Battle at the Handset-Level
Author: Eric Everson

For many years there has been a significant rise in mobile security vulnerability which has been largely ignored by wireless service providers. Traditionally service providers have dismissed mobile security concerns by reassuring subscribers that their networks are secure. This disengaged approach introduces the reality of the ongoing battle at the handset-level of mobile security.

How safe if your handset? Considering the proprietary nature of data that so many of us now communicate through our handsets, the reality is that few mobile users really know how secure (or unsecure) their handset really is. Whether you are sharing pricing data or remotely collaborating on proprietary projects, there is no denying that mobile handsets have become a staple of the commercial digital environment.

What few mobile users tend to consider is the risk that their handset represents both to company data and of course more directly to their personal data. For example, one technology that is largely available and is being used by mobile hackers is GPS-based handset tracking. This software can be used to remotely monitor your physical presence and can track your every move. For an executive, having your travel monitored via such technology by a competitor might prove detrimental to your business strategy. The frightening part, which too few realize, is that this type of application can be secretly loaded to almost any handset by simply opening a text message or email.

With so many tools flooding into the mobile hacker environment, the battle for handset security is rapidly growing. Mobile threats such as mobile keyloggers, remote monitoring tools, and mobile viruses are quickly becoming a mainstream problem which is poised to directly impact the future of global information technology security strategy. Mobile devices are quickly becoming the weakest link in an organizations digital security profile which is a battle that must be fought at the handset-level.

As the founder of MyMobiSafe.com, Eric Everson is a leading mobile security strategist and innovative technologies consultant. To contact him directly for interview or consulting, please email him directly at EricEverson@Hotmail.com

0 Comments | Add a Comment | Permalink