Skip to main content
Digital Biz

Companies brace for mobile maliciousness

  • Story Highlights
  • Experts warn malicious software may become problem for mobile platforms
  • Wide number of platforms currently makes it difficult to be hit by malware
  • Password-protection a good current option to safeguard mobile phones
  • Next Article in World Business »
By Steve Mollman
Decrease font Decrease font
Enlarge font Enlarge font

(CNN) -- Most computer users live with the knowledge of online scammers and malicious code. But what about cell phone users? Handsets, after all, are getting more advanced all the time. As the tagline for Nokia's N95 smart phone suggests: "It's what computers have become."

So if computers are susceptible to attacks, why not computer-like handsets? After all MMS, Bluetooth and Internet access are increasingly standard features on phones, and they all have the potential to spread malicious software, or "malware."

Possibilities include spyware geared to send information to a third party, or viruses designed to disable functions. You might also receive fraudulent links on your cell phone -- just as you do you on your PC -- trying to trick you into giving away, say, your voicemail PIN.

In the U.S. last year, mobile operators reported five times more virus or spyware infections on mobile devices than in 2005, according to Frost & Sullivan. And "other regions follow a similar pattern of increasing numbers of security events," adds Katie Gotzen, a mobile security analyst with the firm.

Frost & Sullivan predicts the global market for anti-malware products for mobiles will jump from $61.4 million in revenues this year to more than $2 billion in 2014.

Chances are slim, though, that you've actually had a problem with mobile malware -- even if you do have a smart phone. Same goes for your co-workers, friends or family.

At this point, "Most of what you hear about mobile malware is just hot air from vendors who want to scare up business for their products," says Andrew Jaquith, program manager for security research at Yankee Group. If you haven't heard about damage being done in the mobile sphere, he says, it's probably because there isn't a lot of it happening yet.

Don't Miss

The biggest reason for this is that "there is no phone monoculture that the bad guys can attack," he says. Whereas personal computers are dominated by Windows, the mobile space has a host of platforms, among them Symbian, Brew, Palm and Windows Mobile.

"The amount of diversity is good for security," says Jaquith, "because it makes creating malware uneconomical. If your goal is making money, it's much easier to write malware for Windows laptops and desktop PCs."

There also isn't as much valuable data kept on phones compared to PCs, he notes, such as bank account passwords and credit card numbers.

This helps explain why, for the most part, the malware targeting mobiles isn't particularly sophisticated or dangerous, especially compared to PCs.

"Mobile malware is today written by hobbyists, much as PC malware once was," notes Sean Sullivan, an anti-virus researcher at F-Secure. "For the average individual, it isn't perhaps something to be overly concerned about."

But that isn't stopping anti-malware software vendors from scrambling for position in the mobile segment. Despite the relatively low returns on investment to be had now, says Frost & Sullivan, it's important for them to invest in research and development and go-to-market strategies today. In the future, a particularly damaging and widespread attack could send operators scrambling for stronger relationships with anti-virus software partners, for instance.

Most mobile operators currently resist the idea of promoting anti-virus software for handsets. The reasoning partly is that cell phone users might find such software annoying and tedious. (Do you really want to run a virus scan, or even receive automated virus alerts, on your handset?) Plus, increased awareness of mobile malware might shake confidence in revenue-generating, phone-based services like payments and ticketing.

"Carriers are very sensitive about public relations with regards to these incidents," notes Jan Volzke, head of global marketing for mobile security for McAfee.

Meanwhile demand for anti-virus tools could increase from corporate IT departments managing ever larger numbers of smart phones. "They don't want an unsecured smartphone roaming around with the company's full list of contacts," says Sullivan at F-Secure.

Integrated, enterprise-level packages with anti-malware and encryption tools for mobile devices could grow in popularity. Trend Micro will launch such an all-in-one software suite aimed at IT departments next month (

Meanwhile, on the consumer side Symantec, McAfee, F-Secure, SimWorks and Kaspersky Lab all have offerings. Symantec for instance sells $45 software for mobiles running the Symbian OS that scans in the background for viruses, Trojan horses and "evolving malicious code."

Kaspersky Lab posts a monthly "top 20" mobile virus chart, with detailed descriptions on the latest and greatest mobile malware, sporting names like "Worm.Win32.Feebs.gen." (See

But Jaquith at Yankee, for one, isn't buying it. At least not yet. "Until my uncle or college buddy has a security problem with his phone, I'm not worried," he says. "The biggest worry is simply leaving the phone in the back of a cab or in a restaurant, and losing all your data."

What makes anyone particularly vulnerable, though, is your phone falling into the wrong hands for a short period. With temporary physical access, someone (including a competitor or a spouse) could secretly install software on your phone. For example, they might install readily available spy tools like Mobile Spy and FlexiSpy, which remain invisible on the phone while posting your call logs, Web history and full text messages to their online account for easy viewing.

So even if you can't be bothered with anti-virus software for your phone, you might want to at least password-protect it. Most handsets are smart enough to offer that feature. E-mail to a friend E-mail to a friend

  • E-mail
  • Save
  • Print