So, what do you have stored on your PDA and cell phone? Maybe some personal phone numbers and addresses? Business leads? Perhaps even a few PIN numbers and passwords? Take a quick inventory. There's probably some pretty important information stored there. Here's the next question. How would you feel if your phone was stolen or if your Pocket PC ended up in someone else's hands? Or what if a virus drained your cell's battery and suddenly you couldn't be reached? These are scenarios many of us haven't considered, or maybe dismissed as unlikely or trivial. Meanwhile, we tend to focus a lot of energy on securing our laptops and desktops. But don't forget about your handheld devices. You won't know how much you value them until they're gone or disabled.
Our cell phones and PDAs have become essential. You might even say we're dependent on them. They're convenient and portable, and they're becoming ever more sophisticated. You can take them almost anywhere, bringing along crucial notes and critical information, making yourself available anytime, anywhere. Unfortunately, their very portability makes them a prime candidate for one of the most basic security issues we face—physical loss. Whether you leave them on a café table or at the kids' ballgame, or whether they're stolen from your backpack, losing your handheld can have serious consequences. For example, if a mischievous character gets hold of your cell phone, he may just take it for a joy ride, making prank calls to Siberia, Sri Lanka, or Timbuktu, all on your dime. If you lose your Pocket PC, you may lose the notes you just took at that brainstorming session or the phone number of an important new contact. And simply being without your cell phone when you're expected to have it can be frustrating and annoying.
So, it's critical to keep track of your handhelds. Treat them as the vital accoutrement they are. Take special care with them, just as you would your wallet or checkbook. And don't use your handheld as the sole repository for important information. Keep a backup of phone numbers and addresses on your computer or in a day planner. You may also want to minimize the amount of personal and financial information on your handhelds. No matter how convenient it might be, don't keep PIN numbers, passwords, or account numbers there. And if you want to keep your personal notes personal, don't store them for long periods of time on your PDA.
You should also take full advantage of your cell phone and PDA's password-protection features. While passwords are not foolproof, they go a long way toward deterring the casual PDA or cell phone thief. You may also want to consider protecting your data with file encryption, especially if you use your PDA for business. There are a number of reasonably priced encryption tools, which will scramble your data, making it available only to those persons who have a key. You may also want to check with your IT department at work to make sure you're keeping up with company encryption and password policies.
Most of the conversation about cell phone
viruses has centered around why they're not much of a threat, at least not yet. While it's true we haven't detected a lot of damaging handheld viruses in the wild (most of them have been "proof-of-concept" prototypes), their numbers are growing, and the ones we're seeing are becoming more sophisticated. The reality is, cell phone and PDA viruses exist and the trends in recent activity make it clear we need to start taking them seriously.
However, not all cell phone viruses rely on Bluetooth to spread. Some are downloaded from the Web, masquerading as attractive applications. In the case of the Skulls Trojan horse, the
malicious code appears to be a theme manager program. When you download and execute the program, it replaces your application icons with skulls and crossbones. It also causes most of your programs to cease functioning. Other viruses, some of which have been picked up on peer-to-peer sites, have caused phones to lock up completely.
Meanwhile, some new viruses are self-propagating. Mabir, for example, sits on your smart phone and waits for text messages to arrive. It then sends a reply to the text message sender. The reply message includes an attachment containing a copy of itself. This is a significant development because Mabir spreads a lot like an ordinary worm. It has the ability to send itself between an infected phone and other compatible smart phones. In other words, it's not limited to short-distance transmissions.
Sophisticated viruses for PDAs have also been emerging. One of the most portentous is Brador. Brador is a classic Trojan horse. Once initiated, it sends the attacker an email containing the IP address of your PDA. The attacker can then make a connection to your handheld and take it over, viewing and downloading files or even uploading more malicious code. While Brador, even at its zenith, did not infect a large number of computers, it did prove just how far malicious code for PDA's have progressed.
The advent of Trojan horses like Brador and worm-like threats such as Mabir are a fairly strong indicator that PDA and cell phone security is only going to become more challenging. So it makes sense to start protecting your cell phones and PDAs.
Fortunately, protecting handhelds from viruses is not difficult. In fact, you can secure them pretty much the same way you secure your computers and laptops: by installing a good
mobile antivirus software. When you choose your antivirus protection, just make sure it's a product that can be updated easily. That way, when a new handheld threat emerges, you'll be equipped to immediately protect your smart phone or PDA.
Handheld devices keep us informed and in touch when we're on the go. They're also becoming more and more like full-blown computers. As we begin to store more critical information on them, and as virus writers begin to target them more seriously, handheld security is going to become vital. Don't get caught off guard—start protecting your handheld devices today.
Product: Norton Smartphone Security:
Mobile Antispam - Mobile Antivirus - Mobile Firewall
Symantec Security Response Skulls security advisory
Symantec Security Response Mabir security advisory
Symantec Security Response Brador security advisory
Norton Downloads
Viruses & Threats: Conficker Worm (aka April Fools 2009, April 1st Virus)
