TORONTO — Few security breaches have been traced to wireless devices or smart phones, but industry experts say the proliferation of these devices is still a concern.
“”I have not heard of a lot of attacks on mobile devices,”” said Michelle Warren, a market analyst with Toronto-based Evans Research
Corp. “”It’s more ‘When it is it going to happen?'””
Warren made her comments after a presentation to journalists and analysts by Santa Clara, Calif.-based McAfee Inc. Company officials said IT departments should be concerned about mobile device security, but agreed there have been few attacks.
“”I think many of us in the industry thought we would have more of a problem with these things than we actually have,”” said Vincent Gullotto, vice-president of McAfee’s Anti-virus and Vulnerability Emergency Response Team (AVERT). “”That’s somewhat good news.””
He added past breaches have included “”porn dialler”” software, which is surreptitiously loaded on to cellphones and is programmed to dial 900 numbers, racking up subscribers’ bills.
Gullotto said in some cases, malicious code is designed to spread to wireless devices through Bluetooth connections, but most viruses and malware loaded on to mobile devices do not spread as quickly as they do on to PCs connected to a corporate network.
“”In order for them to spread today, they take more of the routes that viruses took on floppies,”” he said. “”It’s really the only way that the wireless threat can spread. It doesn’t mean that wireless devices can’t host PC infections.””
Executives from other security software vendors offered similar opinions.
Matt Ekram, product manager for mobile security at Cupertino, Calif.-based Symantec Corp., said in an interview that mobile devices have a “”limited impact”” on corporate security, and any malware designed specifically for these devices would be a “”proof of concept.””
Ekram recommends network managers set up virtual private networks (VPNs) to help protect against attacks from workers who connect without the knowledge of IT departments.
IT staff can protect networks by setting up perimeter firewalls and other devices, but Gullotto said security gets more complicated when the network boundaries become blurred.
“”In the good old days, everybody had PCs and a LAN and we all went to the Internet through our firewall gateway,”” Gollotto said. Now there are also home computers and laptops to take into consideration.
He added network managers have no choice but to leave some ports open so users can access external resources, such as the Internet. Therefore, the only defence is to monitor the network for unusual activity.
Attacks such as mass mailers can take over machines without the users’ knowledge, said Greg Day, security strategist for McAfee. “”One of the things customers are getting more fearful of is whether they actually . . . own their environment.””
It’s usually only a matter of time before hackers break through or take advantage of security measures designed to stop them. A recent study by MX Logic found that spammers are using the sender policy framework (SPF), which was designed to stop fraudulent e-mails, to authenticate spam.
SPF lets companies register their IP address in the domain name system. SPF does help prevent domain phishing, but it is also being used by spammers in an effort to make their e-mail look legitimate.
In a sample of more than 400,000 unique spam e-mail messages that passed through MX Logic’s Threat Center from Aug. 29 through Sept. 3, 16 per cent had published SPF records.
“”Since all it is, is someone saying this is my domain, spammers play by those rules. Spammers get a domain, it’s cheap. And they register it just like any legitimate center would,”” said Steve Ruskin, senior product and market analyst at MX Logic in Denver, Colo.
— with files from Poonam Khanna