Mobilizing Against Wireless Viruses

Nov. 30, 2004 — -- New, so-called "smart phones" can retrieve all types of digital information from wireless networks: games, the latest news, driving directions, music, e-mail, pictures, ringtones, text messages -- and, increasingly, viruses.

Last week, online security companies took note of a new virus called Skulls designed specifically to attack Nokia smart phones. The bug -- disguised as a program to help manage the phones' "themes," or graphical backgrounds -- was posted on several Web sites devoted to smart phone programs.

Once downloaded and installed on the phone, the virus disables all of the phone's built-in programs -- such as the calendar, clock and notepad functions -- and replaces its icons with images of skulls. Once infected, the smart phone essentially turns "dumb," allowing for only simple voice-based phone calls.

Although Skulls is not as sophisticated as traditional Net viruses designed for desktop computers -- it cannot automatically spread to other devices on its own, for example -- security experts warn that a growing number of hackers are taking an interest in designing and releasing malicious programs designed to attack wireless devices.

"A number of these viruses are just proof-of-concept [designed] to show us that it's possible [for hackers] to develop these kinds of attacks," says Matt Ekram, product manager for mobile security at Symantec, a security software maker in Cupertino, Calif. "But these [smart phone] devices are becoming open... It's just a matter of time that these devices will be attacked in a big way compared to what we've seen so far."

Tempting Targets of Growth

While there are fewer than 10 known viruses and other malicious programs created specifically for mobile devices, some note that the development pace is already beginning to pick up.

On Monday, online bug trackers noted that a new, more sophisticated version of Skulls had already been released. The new Skull bug also contains a revamped version of "Cabir," a wireless worm that was discovered in June. Cabir, say security experts, was designed to automatically spread using the short-range wireless Bluetooth connections found in many mobile devices.

And some security experts worry that as cell phones increasingly become mobile data devices, hackers will have a greater reason to try their hand at sowing wireless havoc.

For example, some telecommunication service providers and financial institutions in Asia and Europe are transforming mobile phones into electronic "wallets" capable of wirelessly paying for goods and services bought online or at local retailers.

"Obviously, there's not a big reason for attacking cell phones yet because of lack of motive," says Mark Rasch, senior vice president and chief security consultant at Solutionary, a electronic security company in Omaha, Neb. But, he continues, "when you can attack electronic payment systems or things linked to it, that's a huge financial incentive for hackers to create more and better wireless viruses and worms."

Steps to Securing Cells

While the prospect of mobile bugs chipping away at wireless users' security and privacy may seem daunting, the good news is that service providers and security companies are already trying to tighten up wireless security.

Symantec, for instance, has been working with Finnish handset maker Nokia to develop security software for its high-end smart phones such as its Nokia Communicator. It has also developed antivirus software products specifically geared for handheld devices. But Symantec's Ekram admits there's still a long way to go.

"The wireless market is fragmented and there are devices that are controlled and [use] proprietary software and networks," says Ekram. "We are in discussions with a number of cell-phone makers and will continue to work with other manufacturers to cover more devices."

Last week, security software maker McAfee announced that it will provide a wireless protection solution for Japanese cellular service provider NTT DoCoMo. Its VirusScan Content Scanning technology is software embedded on so-called third generation, or 3G, cell phones. The antivirus software works in conjunction with software installed on DoCoMo's wireless network so the program is always watching and protecting against the latest security threat.

Victor Kouznetsov, senior vice president of mobile solutions at McAfee, says that such security technology can and will be seamlessly embedded on wireless networks more quickly because service providers are aware of the serious threat.

"If you look at how we use PCs, if one breaks, we move to another one," says Kouznetsov. "But the wireless phone is a critical part of the infrastructure. If we get a [virus] outbreak, we're affecting life. If my phone goes dead, I'm disconnected."

Safety in Variety?

Still, Kouznetsov admits that it will take some time before smart network protection is in place in the United States. That's because while Asia and Europe have widely adopted 3G and other advanced wireless networking systems, the U.S. market sorely lags behind in cellular and wireless technology.

"We have to replicate [our efforts] on every network that's out there. We need cooperation with [wireless] operators and [phone] makers to understand how it all works," says Kouznetsov. "All of them understand that we have to do it."

Whether or not such defensive systems will be able to safeguard wireless devices and networks remains to be seen. And while the hodge-podge of networks in the United States may hamper adding protective systems, it is also one of the reasons U.S. cell phone users don't have to worry about a major wireless attack -- yet.

"One of the things that protects us is the fact that we're using a lot of different systems," says Rasch. "But increasingly, networks are moving to [Internet-based] networks. Three or four years down the road, your voice is going to go over the network as packets of data and your cell phone becomes nothing more than a mobile Net device vulnerable to anyone and any attack. Life will be wonderful."