5G Technology World

  • 5G Technology and Engineering
  • FAQs
  • Apps
  • Devices
  • IoT
  • RF
  • Radar
  • Wireless Design
  • Learn
    • 5G Videos
    • Ebooks
    • EE Training Days
    • FAQs
    • Learning Center
    • Tech Toolboxes
    • Webinars/Digital Events
  • Handbooks
    • 2024
    • 2023
    • 2022
    • 2021
  • Resources
    • Design Guide Library
    • EE World Digital Issues
    • Engineering Diversity & Inclusion
    • Engineering Training Days
    • LEAP Awards
  • Advertise
  • Subscribe

Overcoming Mobile Insecurities

By Staff Author | April 20, 2009

While malicious activities on handheld devices like smartphones have been relatively low, several indicators suggest that things are about to change. Enterprises will need to start thinking seriously about a mobile threat prevention strategy to ensure that their networks are not vulnerable to the new threats that will abound with the increasing mobile activities of their users.

Anthony James
James

The growing prevalence of 3G networks is enabling broader bandwidth for mobile devices, which means more of the bad content is getting in with the good. 3G also enables network operators to offer a wider range of more advanced mobile services, such as real-time access to high-quality audio/video transmission. For example, with its application portal, Apple, which has a small percentage of the handset market, has already changed the way many people interact with their smartphones, while Microsoft and Nokia are also talking up their own similar portals.

The level of personalization and customization possible with these portals will mean new uses, both good and bad, will be found. This presents a big concern for corporate network managers as users are no longer bound by factory-installed applications. With this greater usability, consumers are now adopting smartphones in greater numbers for business and for personal use. iSuppli predicted in a March 2009 report that the number of smartphone shipments is expected to grow to as high as 192.3 million units this year, up 11.1 percent from 2008.

No doubt, the smartphone is becoming much more personal and indispensable to consumers, and where consumers go, money goes, and crime soon will follow. This adds up to increased opportunities for virus infections and attacks that will require a focused approach to secure the millions of handheld mobile devices in operation today, especially for enterprises. Smartphones pose an even greater security risk to corporations as they have become the mobile office for their ability to access corporate networks in real time, much in the way that laptops have been able to do. This presents cybercriminals with the opportunity to use smartphones as the launch pad for penetrating and accessing sensitive corporate data. The increased usability of smartphones and other wireless devices and the new business models they enable could become the biggest threat to corporate security in the near future.

The mobile market presents a unique position in terms of malware as compared to the traditional PC market. The platforms available for attack on PC platforms are limited – Windows, MacIntosh and Linux – while the number of mobile platforms continues to grow: Google Android, Apple mobile OS, SymbianOS, Windows Mobile, Palm. For example, we are just seeing the tip of the iceberg with Google’s Android OS vulnerability discovered late last year. And more recently, the discovery of the new SymbOS/Yxes.A!worm (AKA “Sexy View”) mobile worm gives strong indication that we may be on the edge of a mobile botnet. This sophisticated SMS-propagation strategy, which hosts the worm on malicious servers, allows cybercriminals to effectively mutate the worm by adding or removing functionality.

A managed client capable of detecting software installations and monitoring file access in addition to encrypting data and reporting status to a central server is the answer for network managers grappling with an active mobile work force. Network managers will want to look for solutions that provide multi-layered protection for blended threats and that protects across all device interfaces. The ideal mobile client solution would be part of an integrated, end-to-end network security platform that offers accelerated hardware and impinges minimum performance impact on user device and services. In addition, the network security platform should offer configuration management and control with reporting, and flexibly-defined profiles and policies for granular network segmentation capabilities.

For the end-user, both corporate and private, here are some tips to follow for the safe usage of their mobile device:

1) Similar to patch management on PC platforms, apply any updates to mobile platforms as soon as they become available. For example, Google quickly issued a fix when the vulnerability in its open source Android OS was discovered in late 2008. Be educated and aware of threats that bridge to the Internet.

2) Phishing scams looking for bank account information or corporate credentials are very real to hit users on mobile devices, just as they are with PCs. Just like social networks, mobile networks through voice contacts are highly trusted. Attempt to verify the identity of any incoming messages that are suspicious. Reply with something simple like “What is this?” to ensure you are able to confirm that the source of the message is trusted.

3) Be aware of what you install. For example, the worm SymbOS/BeSeLo used social engineering over MMS to install itself. It prompted the user to install an application which had a file extension .mp3 or .jpg; users should be aware of this and not install anything they haven’t confirmed as being from a trusted source. Many users have “jailbroken” phones, such as the iPhone, which means that uncontrolled (unsigned) code can be run. This is a very big security risk, and users should be aware of the risks they take when they unlock phone functionality.

4) Disable communication channels such as Bluetooth by default, only enabling them on a per-session requirement. This removes an attack avenue. By taking simple precautionary measures, it effectively helps to harden your smart device.

James is vice president of products at Fortinet.


Filed Under: Carriers

 

Next Article

← Previous Article
Next Article →

Related Articles Read More >

eSIM
eSIM eases changing carriers for phones and IoT
QoE and QoS comparison
Benchmarking in 5G: More important than ever
iPhone 12
I bought a 5G phone, now what?
6G
Key takeaways from 6G Symposium

Featured Contributions

  • Overcome Open RAN test and certification challenges
  • Wireless engineers need AI to build networks
  • Why AI chips need PCIe 7.0 IP interconnects
  • circuit board timing How timing and synchronization improve 5G spectrum efficiency
  • Wi-Fi 7 and 5G for FWA need testing
More Featured Contributions

EE TECH TOOLBOX

“ee
Tech Toolbox: 5G Technology
This Tech Toolbox covers the basics of 5G technology plus a story about how engineers designed and built a prototype DSL router mostly from old cellphone parts. Download this first 5G/wired/wireless communications Tech Toolbox to learn more!

EE LEARNING CENTER

EE Learning Center
“5g
EXPAND YOUR KNOWLEDGE AND STAY CONNECTED
Get the latest info on technologies, tools and strategies for EE professionals.

Engineering Training Days

engineering
“bills
5G Technology World
  • Enews Signup
  • EE World Online
  • DesignFast
  • EDABoard Forums
  • Electro-Tech-Online Forums
  • Microcontroller Tips
  • Analogic Tips
  • Connector Tips
  • Engineer’s Garage
  • EV Engineering
  • Power Electronic Tips
  • Sensor Tips
  • Test and Measurement Tips
  • About Us
  • Contact Us
  • Advertise

Copyright © 2025 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy

Search 5G Technology World