One thing I see again and again in this job is that people usually don’t think about security until after they are hit with an incident. Companies create disaster recovery plans after the disaster. They come up with incident response teams after the incident. And consumers get antivirus software after they’ve had a virus infect their system.
People, here is a chance to turn that all around. We’ve seen several incidents of mobile phones being hacked. So far it’s been by old school hackers, those that are doing it just to prove that it can be done. But history shows us that the cyber criminals follow closely behind the old school hackers, and they will not be doing it for kicks—they’ll be doing it to rip you off.
Security professionals approach any situation like this by a risk assessment; in other words, they try to figure out what bad things could happen. Then they can hope for the best, but prepare for the worse. If anyone with a smart phone hasn’t done this, now would be a great time. What, of value, do you have on your phone? What would you not want a cyber criminal to get a hold of? What’s on your phone you can’t afford to lose? Is it backed up somewhere?
Here are a couple of reminders to get you started:
Personal identity information
Phone numbers and email addresses
And, here are a few other risks you’ll encounter in the future while using your smart phone:
Ransomware: A program that encrypts your data and forces you to pay to decrypt it.
Misleading application: A program on your phone reports a bogus problem and offers to sell a bogus solution.
Text spam: Your phone is used to send text spam to all of your contacts, or even links to malware.
All of these have different levels of risk and some are less likely to happen than others. And now is the time to start thinking about that. Not after the damage has been done.