The next e-security threat: Cell phones

PARIS, 15 May 2000 - "Personal computers are at present the weak link in Internet security. Tomorrow, it will be mobile phones," said Herve Bourgois, European chief executive for Check Point Software Technologies, in an interview.

Bourgois said that Wireless Application Protocol (WAP) technology, which allows mobile phone users to use online services, "will generate more traffic, while UMTS third generation technology will speed up the process."

"Canny users will thus be able to hack into vulnerable data banks using their mobile phones and store the information on a laptop computer, or unleash a virus before disappearing," said the head of the Israeli company, which specialises in computer security software.

Virus authors may soon go mobile
A computer virus nicknamed the "Love" bug wreaked havoc on the Internet last week, as users opening a message containing "ILOVEYOU" in its subject line set loose an attachment which destroyed data while sending copies of itself to everyone in the user's address book.

"Canny users will be able to hack into vulnerable data banks using their mobile phones and store the information on a laptop computer, or unleash a virus before disappearing," Herve Bourgois, Check Point Software. Investigators in that case suggested a Philippine college dropout might have been the author of the virus, but Bourgeois said that hackers using laptops and mobile phones would be much more difficult to locate as they could use stolen equipment and then destroy it after use.

"Security systems will have to be loaded on mobile phones, and passwords giving access to private networks reinforced, particularly as these devices will soon be used for banking transactions," he said.

For now, Bourgeois added, companies should ramp up security around workplaces, particularly where they are using private virtual networks branched into public telecoms networks.

"Companies have established security systems along the lines of 'firewalls' for their central servers. One can no longer access the networks by the main entrance. But hackers have found the weak spot by going via PCs and can use a 'Trojan horse' such as the Love Bug, which goes in via email," he said.

Employees' home computers which are linked to their company can also be used by hackers to send a virus via the network.

Companies slow to admit security holes
Overloading on Yahoo!, AOL, Amazon and other top sites at the beginning of February in the DoS attacks, as well as the Love bug incident, have woken the business world up to how much they stand to lose.

Some experts have put the worldwide cost of last week's virus at $6.7 billion.

But in fact, companies only own up to having problems when there is no alternative, Bourgeois said.

"Businesses are scared of losing market share to their competitors by owning up to security breaches. The Love Bug cost several hundred million dollars in repairing email addresses, but it's nothing compared to what future viruses could do to hard drives," he said.

Nevertheless, that kind of attack is educating the market, Bourgeois concluded.

"People are realising that they cannot develop an e-business without security."