Mobile phones and handheld computers are becoming a tempting target for
virus writers, warn experts.
By 2005 anti-virus experts expect that customers of one or more mobile
networks will have been struck by
a malicious program designed to exploit security failings on portable
devices.
By that date experts believe newer third-generation
phones will be popular
and handheld
computers
more powerful, making them
susceptible to the
tricks that help viruses infect
desktop computers.
Anti-virus firms caution
telecommunication operators and handset
makers
to prepare now
how they
will deal with any outbreak to
avoid the crippling
financial and public
relations costs
of subjecting
customers to a virus.
Programs :
Viruses have already been created that exploit
vulnerabilities in mobile
phones and handheld computers.
Most of them have
been harmless.
Two viruses have appeared for the Palm handheld
computer. The first,
called Liberty, tried to delete
all the applications stored
on the gadget
but could not spread from Palm to Palm. The second,
called Phage, was
only ever seen
in the laboratory.
One e-mail virus, called Timophonica,
appeared in Spain and tried to send text messages to random
mobile
phone numbers but did not
spread
via handsets.
Mobile phone networks are rapidly adopting standard
net technologies
that make it easier for them to
offer multimedia services.
But these
changes make phones vulnerable to some of the
infection
techniques used
by many desktop
computer viruses.
"Most people do not realise that these devices
are going
to be
more like a computer than a telephone,"
Many networks are also offering "always-on" network
connections
to customers that ensure they get
their e-mail
and text messages as fast
as possible.
EXPERTS VIEWS You are about as likely to get hit by a falling
piano as you are to
get a virus on your mobile phone,"
says Graham Cluley, a
security
consultant at UK antivirus firm Sophos. Unlike PCs,
phones simply
have
too many different operating systems for
viruses to exploit, he says.
And there are too few
people who
own the "smart phones" capable
of receiving and transmitting
new software - like a
virus - to pose a
real risk. Reading the newspapers last week,
you may have got the opposite
impression.
On 21 February reports surfaced of
the first two US phones to be infected
with a virus
outside
a lab, sparking predictions of a bleak future in
which viruses
run rampant, rendering
cellphones as useless as PCs hit
by LoveBug, Sasser or MyDoom.The phone virus, called Cabir,
was written by a band of
European hackers
who call themselves the 29a group. They
wrote it in June 2004 as a
"proof-of-concept" virus,
designed to show that phones can suffer viral attacks just
like PCs.
It first appeared last August in the
Philippines on
phones running the
Symbian 60 operating system,
including
top-of-the-range Nokia, Siemens
and Panasonic models.
The virus drains phone batteries far faster than
normal by constantly
seeking active Bluetooth radio
connections in
nearby cellphones. When
it finds a phone with Bluetooth
switched on, in so-called
"discoverable" mode,
it asks the
user if they want to receive a file. If the user agrees,
the virus
transmits
a file called caribe and asks the user if they want
to install it. Enough people have now done
so for the
virus to spread
to a further 11 countries, including the UK,
Australia and the US.
"Bad stuff ahead"
Because it can only infect one phone at a time and requires the
user's
permission, and because battery
draining is a relatively
harmless effect,
Cabir is not seen as a big cause for concern
. The real fear is
that
viruses will get more sophisticated and
spread more easily via longer-range
internet links like
Wi-Fi,
which is beginning to appear as a cellphone
option. "The really
bad stuff is all ahead of us,"
says Mikko
Hypponen of Finnish
firm F-Secure.
The class of cellphones hit by Cabir are
known as smart phones and sell
for at least $500. They fall prey
to viruses because they
have advanced
operating systems capable of executing newly
inserted code. The
vast
majority of phones cannot update their
software this way, says Hypponen.Just 4% of all cellphones
sold worldwide in 2004 were smart
phones,
and it is unlikely to be more than 9.3% by 2009,
according
to technology
research firm Jupiter Research.
But even basic phones are getting smarter. Many
have the ability to "sync" with
a PC, allowing the phone
to do things like download
email. This creates
another way to insert a virus, says Oliver
Friedrichs of
Symantec, a
company based in Santa Monica,
California, US, which sells antivirus
software for the Symbian
and Windows Mobile operating systems.
A virus that spreads through a phone's Wi-Fi connection
or through an
email attachment could
propagate
faster and more
stealthily than one
that spreads over short-range Bluetooth
connections
. Unlike Cabir it
could infect a phone by exploiting
its security flaws.
Steal and destory
" To date we have not seen vulnerabilities disclosed for phones
but we
expect to see them in future,
just like we have with the
desktop PC," says
Friedrichs. Viruses could steal and destroy
data from
phones, run up
bills by making calls to premium-rate
numbers, record conversations in
which
personal data and
credit card numbers are exchanged, and even get
a phone
camera to spy on its
owner and transmit photos. A major
factor protecting cellphones is the variety of operating systems
they use, unlike the Windows near-monoculture of the
PC world. Only half
of all smart phones run
the Symbian operating
system, with most of the
others running either PalmSource or
Windows Mobile.
Linux variants have
only a very small share of the
smart-phone market. As most viruses are
specific to
a particular
operating system, it is harder for them to spread
in this mixed environment.
It is conceivable that virus writers will find
a way round this, says Friedrichs. This could be done by
building a "cross-platform" virus
that could infect any operating system, or one that could exploit
vulnerabilities
in the small Java programs that all phones run, such
as those for games
and journey
planners. Countermeasures for smart-phone
viruses are already available from Trend
Micro, Airscanner,
Symantec, F-Secure and McAfee
. But Cyrus Peikari,
a programmer at Airscanner of Dallas, Texas,
believes that antivirus
software may not be enough. He thinks "polymorphic" viruses,
which
continually rearrange their signature
codes to evade detection,
will make it onto cellphones.
The only way to detect polymorphic viruses on
PCs is to look for virus-like
behaviour, such as programs
that continually interrupt
the operating
system as they scan for new files to infect. Cellphone
software
does
not have the sophistication to detect these interrupts,
says Peikari. "Your
home computer's antivirus
software has its
tentacles in every corner
of the PC. Airscanner's antivirus software
cannot do that and
I don't
believe anybody's can," he says.
|