Mobiles to come under attack from 'bad guys'
SDKs to blame?
Mobile devices are going to become the next big target for cyber criminals who will be helped by the greater availability of tools to develop software for them.
Speaking to silicon.com at Infosec 2008 in London, former advisor to the White House on cyber security, Howard Schmidt, said: "[Mobile is] going to become a rich target area for the bad guys."
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
Wielding both an iPhone and BlackBerry, Schmidt said the sheer ubiquity of mobile devices and their greater connectivity to the internet means they are the next logical focus area.
He said the availability of software development kits (SDKs) for mobile devices -like the one launched by Apple for the iPhone - increases the possibility of malicious code being designed specifically for mobiles.
He explained: "As SDKs became more available for PCs people wrote malware, viruses, worms and applications that looked like legitimate things but in reality were stealing data. So it's not unreasonable to suspect that that's going to be the next attack vector, particularly as we depend more and more on mobile devices."
Schmidt also stressed the current security threat around applications in general.
He said: "I think that the fact that businesses depend on applications to make them successful, but they're also the biggest weaknesses because of the vulnerabilities that we have in applications. And that's what we've seen the bad guys shifting towards, moving away from network-based attacks.
"You have all of this active content, you have the ability instead of just looking at things you're now changing things and adding things and oftentimes these are great technologies and resources but they're not designed with security in mind."
Schmidt also reaffirmed his backing of a central UK e-crime police unit which silicon.com has been campaigning for.
He said: "If you have a centrally, high located organisation looking after these sort of issues, you're not competing for resources, you're very focused."
He added such an organisation would raise the level of expertise, provide a better view of what's going and ultimately benefit society.