SINGAPORE--The uptake of mobile security tools is not as high as that of desktop due to the low number of breaches and lack of awareness, but users cannot afford to be complacent, caution Pavel Luka, CTO of the Eastern European security vendor, ESET.
Speaking at a press briefing here Tuesday, he noted that the number of malware incidents on mobile platforms remained low, and coupled with the lack of awareness, smartphone users were slow to adopt security measures to safeguard their devices. The executive was in town for the launch of the company's ESET Smart Security 5 for desktop and NOD32 Antirivus 5 for Android devices.
In a follow-up interview with ZDNet Asia, Luka explained that the number of security breaches on mobile was still "relatively small" compared to the desktop, which was primarily the platform most people deemed necessary to run a security tool. "[As such], people don't feel like their smartphone are at risk," the Slovak said. "It often takes a couple of security incidents [for users] to take security seriously and implement security measures."
However, users must not assume the low number of incidents mean they do not have to step up precautions, he said, adding that mobile malware is "emerging".
He cited recent security threats to mobile devices such as SpyEye, which is a mobile malware that contains components targeted at Symbian-based and Android smartphones. ESET recently identified an Android Trojan which was able to create a botnet and steal sensitive information that was then sent to their C&C (command and control) server. The Trojan was also able to receive commands from the C&C server to instruct the smartphone to download and install other malware, send SMS messages, make phonecalls and launch Web sites.
Luka added that there were also security hacks that targeted specifically mobile devices and were able to covertly send SMS messages as spam.
He noted that before the emergence of mobile devices, there were also malware similar to SMS Trojans which targeted desktop PCs called dialers. Called dialers, these Trojans would use the modem in the PC to target and call victims, he said. "The techniques are common, just [different] implementations."
Luka warned that malware and security attacks on the mobile platforms would increase in the upcoming years as mobile devices continued to grow in popularity, and consumer computing would typically involve a mobile device.
This would lead cybercriminals to increasingly target mobile platforms, as they looked to exploit any avenue that gave them additional gain, he said.
He advised users to make sure their security tools were up-to-date and have "common sense", such as resisting the urge to click on strange Web site links on their phone. "It is human nature to be curious, but we must remember that such messages are too good to be true," Luka said.