Cell phones are new botnet spam targets

The same week one of the world’s worst spam operations is being shut down, security researchers are warning the next big threat may not be for PCs at all — but rather for cell phones.

Mobile Move

A report issued Wednesday by the Georgia Tech Information Security Center says spam and other botnet-based attacks will make the move to mobile in the coming months. The study, called the Emerging Cyber Threats Forecast for 2009 (PDF), was presented at the GTISC Security Summit in Atlanta.

“As Internet telephony and mobile computing handle more and more data, they will become more frequent targets of cyber crime,” the researchers say.

Seven smart strategies to battle botnets

Bot Targets

The concern is that hackers will begin stealthily taking over phones the way they’ve taken over network computers, turning them into virtual “bots” to do their bidding (hence the term “botnet”). Because of cell phones’ increasing computing power — not to mention their always-on nature — the researchers fear they’ll soon become an obvious target.

“Large cellular botnets could then be used to perpetrate a [denial of service] attack against the core of the cellular network,” says Patrick Traynor, an assistant professor at Georgia Tech involved in the study. “But because the mobile communications field is evolving so quickly, it presents a unique opportunity to design security properly — an opportunity we missed with the PC,” he adds.

Stumped on Security

The overall lack of cell phone security so far is one of the first issues Traynor and his team are trying to tackle. Right now, they say, proper antivirus protection would drain too much of a phone’s battery and thus prove to be unpractical. Add in the fact that most people tend to be trusting when it comes to voice technology, and you have the potential for disaster.

“Most people have been trained to enter social security numbers, credit card numbers, [and] bank account numbers … over the phone while interacting with voice response systems,” says Tom Cross, an IBM Internet Security Systems researcher also involved in the research. “Criminals will exploit this social conditioning to perpetrate voice phishing and identity theft.”

Early Optimism

As intense as it all sounds, there’s likely no cause for panic. The researchers point out that the relatively closed nature of cellular networks compared to the Internet will help carriers combat ill-intended tactics. They also note that they’ve seen no evidence of these types of hacks actually being plotted yet.

Rather, they’re looking at the ripe environment as an opportunity to put up protection before it becomes too late.

“Users want to avoid the spam crisis that has inundated email,” Cross says.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now