Smartphone Security Threats Overdramatized, Experts Say

You hear lots of hype regarding threats to your iPhone or BlackBerry, but mobile malware rarely appears in the real world. Mobile security experts explain why -- and share advice on staying safe while avoiding security FUD.

By Bill Snyder
Tue, February 22, 2011

CIO — I was sitting in the middle of one of the most security conscious crowds you'd ever come across—about 200 computer security professionals listening to a high-powered panel on mobile security threats at the RSA Conference in San Francisco last week.

And you'd think that after nearly 90 minutes of discussion, I'd leave the room all a twitter (pardon the pun) and scared that my iPhone was about to go rogue. Not at all. In fact, I left feeling a lot more relaxed about the security of my smartphone, and a little more skeptical about the barrage of hacker warnings to which we've all been subjected.

"I can count on one hand the pieces of (mobile) malware I've seen installed," said Ian Robertson, manger of security research for Research in Motion, the developers of the ubiquitous Blackberry.

Richardson wasn't the panel's maverick. All four agreed that mobile threats are potentially serious, but are still rarely seen in the real world. Indeed, one of the panelists asked the audience how many people had seen a mobile attack or been victimized themselves—and there was almost no response from a roomful of security experts.

"Day-to-day mobile threats haven't (yet) caused much harm," said panelist Ed Amoroso, the chief security officer of AT&T.

BlackBerry Nightmare Scenario Still Fiction

At an earlier panel devoted to Blackberry security, Adam Meyers, director of cyber security for SRA International, warned about insecure mobile devices, but then poured a bit of cooling water on the "FUD" (fear, uncertainty and doubt) surrounding the popular business device. The truth, he said, is that remote exploitation of the Blackberry is theoretically possible, but he has yet to see a real world version of the "nightmare scenario" in which a hacker compromises a Blackberry and uses that as a way into the network.

I want to be careful not to give the impression that there is no security threat to you as a user of wireless. There is. The panelists I heard all predicted that threats and exploits will emerge over the next few years. But the takeaway from my visit to RSA is this: be careful, but it's not nearly as dangerous out there as you might think. Not yet.

Why so much hype about the threats? No doubt about it; the wired world of the desktop has indeed been barraged with malware of various sorts, so we've been primed to suspect digital security and privacy breaches. Meanwhile, the use of wireless devices is increasing exponentially, and more and more sensitive data is being stored and transmitted on those devices. So it makes sense to believe that hackers, many of whom are now part of profit-making criminal enterprises, will begin to focus on mobile users, said Richardson.

1 2 next page »

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

You are here: Technology Topics » Mobile/Wireless » Feature

Most Recent Mobile/Wireless Stories

White Papers »

Gartner Report on BYOD: Media Tablets and Beyond

This research assesses the impact of the growth in media tablets and other "off desktop" form factors entering IT deployments and makes recommendations on building an enterprise management plan based on industry best practices.

BYOD Policy Implementation Guide

This BYOD implementation guide from Absolute Software provides three simple steps to legally secure and manage employee-owned devices within a corporate environment.

The most simple & secure solution for Intranet access from mobile devices

The promise of enterprise mobility means that employees are more productive and address business issues in a timely, untethered manner.

Mobile Middleware Strategies

Learn why a mobile development platform is critical to be able to support today's complex enterprise mobility strategies. Learn what to look for in a mobile development platform and how apply these tools whether you're developing a dedicated app for one device or multiple apps running across multiple devices.

Native & HTML5 Mobile Apps: Not an either or, but a where and when

Learn how developers are using HTML5 and native development methods to build mobile apps. Get practical insights on how these tools are being used, what's driving their usage, and how to choose the best development approach for your business.

The Evolution of Enterprise Mobile App Development

Driven by explosive growth in smartphone and tablet sales, enterprise mobility has become an essential part of business. Organizations across industries are developing internal- and external-facing mobile applications that drive revenue, build brand loyalty, strengthen communication with partners, and enhance employee productivity. Learn how keeping pace in this market requires an agile, flexible, and iterative approach to application development.

Webcasts »

Set It & Forget It - Apple Devices in the Enterprise

Ben Snyder, Desktop Support Analyst at Under Armour, discusses how this fast-growing company with thousands of mobile employees uses an automated process to manage its mix of PC and Apple devices from a single console.

Take Control and Empower users with BlackBerry Mobile Fusion from RIM

At one time, a smart phone was only on executive tool that increased productivity. But now, more employees than ever before are bringing their own mobile devices and tablets into the workplace. CIOs must satisfy this new class of users but they need the tools to manage the growing number of devices and tablets over a wider variety of mobile operating systems.

Join David Heit, Senior Director of Product Strategy for Research In Motion (RIM) and award-winning technology editor Stan Gibson for a look at the forces that are transforming mobile IT today. In this Webcast you will learn about BlackBerry(R) Mobile Fusion and now you can manage and secure BlackBerry(R), iOS and Android(TM) devices all from one unified interface.

Mobility KnowledgeVault

How "mobile ready" is your infrastructure? This Mobility Knowledge Vault provides a wide variety of expert advice on how to strike a balance between end user ease-of-use and security. Prepare your organization with primers on data encryption and user authentication, device disablement and devising an employee-liable device strategy that makes both IT and users happy.

Successful Mobility: Access and Performance Anywhere

Today's workforce is truly mobile. At the office, from customer sites, even at home or in a hotel - their connectivity and application performance needs remain the same. But even though their requirements don't change, the challenges in meeting their expectations do.

Workday's Mobile Solution for iPad

Stay connected while on the go
As the workforce around the world becomes more mobile, enterprises are enabling their workers to stay informed and connected while on the go. Deploying Workday's cloud-based mobile solutions could not be easier!

Embracing BYOD: Best Practices from the Front Lines

Mobility is reshaping business worldwide. It's also reshaping how IT operates, fueled by the "Bring Your Own Device" trend, a trend that's been in the making since at least 2008. In this webcast, you'll learn how world IT leader SAP has embraced BYOD for lower costs, higher employee satisfaction and better business outcomes.

Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter