/ Technology

Mobile phone security – it’s time to get serious

Mobile phone wrapped with chains

As mobiles have got smarter and more numerous, they’ve become a target for malicious attacks. There’s no need to panic, but a recent outbreak in China shows we can’t afford to be complacent about our phones’ security.

You need only examine the contents of your phone to see why hackers have moved to attacked mobiles.

Not only is the phone itself very expensive, it’s crammed full of all sorts of personal data – contacts, calendars, email, texts, Facebook and Twitter – it’s a veritable treasure trove of compromising info.

We’ve discussed potential malicious applications on Which? Convo before, but to underline the potential threat, last week saw one of the first mass virus outbreaks on smartphones. I contacted Tom Gaffney, security advisor at F-Secure, who explained the outbreak:

‘The virus is hidden in a piece of rogue anti-virus software that users are fooled into installing on their phone. Once planted, it texts the hackers all the contact names and numbers from the user’s phone. The virus then sends SMS messages to all the contacts, spreading the virus.’

This approach mimics techniques used on desktop PCs. Users are initially lured into downloading fake anti-virus software via a scaremongering message, and then unwittingly spread it to their contacts.

This particular attack on mobile phones has affected over a million Chinese users already, all of whom picked up the tab for the premium rate text messages that spread the virus.

It’s not just an Android problem

It’s worth stressing that – despite popular opinion – this isn’t a problem reserved for the ‘open’ Android operating system. Its application store might lack the controls of Apple’s approval system, but the iPhone certainly isn’t infallible.

As security expert Nicolas Seriot proved in his paper about iPhone security, it’s impossible for Apple to detect all malware. Several apps and vulnerabilities have already been discovered. Sure, it might be a darn site harder to knock down Apple’s walled-garden, but it’s certainly possible to dig underneath.

Be smart, be sensible

Threats like these show that it’s important to be smart and sensible about mobile phone security. It’s not as if ‘hackers’ have a personal pipeline to our information. Just like a vampire, they must be invited in!

Consequently it’s up to us to make good decisions, be vigilant and not just accept everything at face value. You can find advice on how to protect your mobile phone from security attacks on Which? Mobile.

It really is a brave new world for mobiles, with smartphones opening up a Pandora’s box of potential attacks. And since hackers could even know where we are using GPS technology, have our mobiles made us more unsafe than ever before?

Comments
Guest
Sophie Gilbert says:
23 November 2010

Isn’t cramming one’s phone full of all sorts of personal data and using it for all sorts of things other than phoning/texting a bit like putting all one’s eggs in one basket? A disaster waiting to happen. I’m emphatically not saying that they deserve to be the victims of malicious attacks, but some people, whose job does not demand that they should stay communicado at all times by any means under the sun, should perhaps revise their attitudes towards this piece of technology.

Profile photo of Patrick Steen
Guest

Which? Mobile writes about how BBC technology reporter Rory Cellan-Jones was taken back to school by two computer experts who hacked into his phone – this shows how insecure our phones are.