The Impact of Mobile Devices on Cyber Security - Book Report/Review Example

? The impact of mobile devices on cyber security and Contents Introduction 3 The internet andidentity theft 4 Threats of mobiles devices 4 Hacking and Cyber security Infrastructure 5 Hacking has been a very common threat to cyber security for the past few decades, something that Kelly (2012) claims calls for extensive reforms. An example of a scenario that characterizes the reality of hacking cyber insecurity took place in August 2011 Bay Area Rapid Transit (BART). During this scenario, the public transportation system belonging to San Francisco Bay Area completely blacked out cell phone service to avert mobile communication amongst demonstrators attempting to stop the progress of subway trains. In a rejoinder, hackers quickly condemned BART’s action, claiming it was a violation of civil rights and unleashed a sequence of cyberattacks on BART systems, in reprisal (Harknett & Stever, 2011). This scenario demonstrates the great magnitude that explosion of use of mobile devices has contributed towards threatening the security of the cyber space. It also shows how these criminal activities are done without any measures put in place to address them, and certainly extensive reforms are long overdue. 5 Mobile applications under attack 6 The world is poised for more and more developments in mobile computing in years to come. Amid many expectations and optimism, Hurlburt et al. (2010) expresses their concern of some portentous signs in the future of mobile applications, due to the issue of cyber security. They divide the core security problems in to two folds, including the security of data and the applications on the mobile device and the physical security of the device that is held in the hands. Further, they add that there are concerns about the security of the cordless information that is delivered across the mobile devices as well as the ability of using GPS technology to track the location of a mobile device. According to Hurlburt et al. (2010), these issues present a potential avenue for malicious use of positive and promising technology. 6 E-commerce and social networking applications 6 Smarphones and cyber security 8 Consequences of cyber attacks on smart phones 9 The impact of mobile devices on cyber security Introduction Following the society’s increased dependence on mobile phones; creation of a safer and secure cyber space has become extremely difficult. As a matter of fact, use of mobile devices is now indispensable in all walks of life since firms, individuals, governments, and institutions from all over the world are making attempts to improve information and network security, albeit many challenges. Sund (2007) reveals that there are more than 4 billion users of Information, Communication and Technology (ICT) across the globe, making use of more and more powerful mobile devices in terms of transmission capabilities, processing power, and data storage capacity. As a result of converging of different forms of technologies, the intricacy of cyber-threats is increasingly becoming a reality. Indeed, because of their enhanced capability, mobile devices are now acting just like personal computers, hence increasing the opportunities for "cross-infection" and damage (Wright, Dawson, & Omar, 2012; Rose, 2003; Postman, 1992). The aim of this paper is to examine the impact of mobile devices on cyber security. Therefore, the most significant research question that will be used to answer this question is: does the increased use of mobile phone devices increases the cases of cyber attacks? To answer this question, 12 articles will be reviewed, of which some will be obtained from ‘the impact of technology on society’ by Neil Postman. The internet and identity theft Sund (2007) maintains that, in the present consumer and computing field, there exist an ecosystem that has multiple players who are financially motivated, something that is stimulating a mounting wave of crime. This has resulted to a terrific identity theft and financial losses among many other damages. For many years since the invention of mobile devices, top on the list of mobile insecurity has been identity theft, which is done by unauthorized access to other people’s personal information (Shabtaiet al., 2010; Wright, Dawson, & Omar, 2012). This includes accessing the personal data and some people masquerade as if they were the real owners, or by acting in near anonymity. In the wake of the twenty-first century, which has been characterized by increased use of mobile phone, measures have been undertaken to ensure security of online data. However, Sund (2007) asserts that law enforcement experts are raising issues that it has become difficult to track cyber-criminals courtesy of online anonymity. This includes anonymous use of mobile phone, which is not restricted in some countries. These revelations are very real consideration the manner in which the criminals, in the modern world, have tried to exploit every possible opportunity to benefit from malicious activities. Threats of mobiles devices Drew (2012) pays attention to cyber security especially in the arena of accounting. He points out that managing of risks is a very important agenda that should be kept in mind by firms and businesses as they capitalize on the opportunities created by the dramatic growth of mobile devices. While exploring the ways mobile phone technology has transformed the accounting profession, Drew (2012) maintains that some of the most remarkable transformations are occurring on the cybresecurity front line. The large number of mobile devices linking to business networks and proliferation of passage of critical data storage and processing to the cloud computing have increased the possibility of cyberattacks. The work of Drew (2012) describes cyber security threats on the mobile devices battlefront and points out the steps that individual CPAs, accounting firms, among other interested parties can undertake to mitigate the risk of experiencing a shocking violation of data. Although Drew (2012) does not explain into details how these criminal activities have penetrated the realm of accounting, his sentiments are very crucial in understanding the way mobile phones has made cyber space more insecure bearing in mind that accounting is applied in all firms and companies, hence a fertile ground for cyber criminals. Hacking and Cyber security Infrastructure Hacking has been a very common threat to cyber security for the past few decades, something that Kelly (2012) claims calls for extensive reforms. An example of a scenario that characterizes the reality of hacking cyber insecurity took place in August 2011 Bay Area Rapid Transit (BART). During this scenario, the public transportation system belonging to San Francisco Bay Area completely blacked out cell phone service to avert mobile communication amongst demonstrators attempting to stop the progress of subway trains. In a rejoinder, hackers quickly condemned BART’s action, claiming it was a violation of civil rights and unleashed a sequence of cyberattacks on BART systems, in reprisal (Harknett & Stever, 2011). This scenario demonstrates the great magnitude that explosion of use of mobile devices has contributed towards threatening the security of the cyber space. It also shows how these criminal activities are done without any measures put in place to address them, and certainly extensive reforms are long overdue. Mobile applications under attack The world is poised for more and more developments in mobile computing in years to come. Amid many expectations and optimism, Hurlburt et al. (2010) expresses their concern of some portentous signs in the future of mobile applications, due to the issue of cyber security. They divide the core security problems in to two folds, including the security of data and the applications on the mobile device and the physical security of the device that is held in the hands. Further, they add that there are concerns about the security of the cordless information that is delivered across the mobile devices as well as the ability of using GPS technology to track the location of a mobile device. According to Hurlburt et al. (2010), these issues present a potential avenue for malicious use of positive and promising technology. Some of the ways malicious acts are perpetrated include cyber stalking of the locations of personal information. Although many enterprises will ready to use mobile devices as a way of marketing their products, disgruntled workers, criminals, ex-employees, and angry spouses will want to maliciously locate people through such devices. The increased dependence on mobile technology has even resulted to government and other authorities intruding into people’s personal matters for different reasons. Hurlburt et al. (2010) have managed to present the real picture of the future of mobile devices and cyber security. The issues they have raised will certainly threaten the very existence of internet in many years to come. E-commerce and social networking applications In today’s digital society, social networking sites such as Face book and Twitter have grown to be the key platform of sharing the information. Such information sharing often takes place based on the trust among users as such users accept and disseminate data from unauthenticated sources (Ruggiero, 2011). Social networking sites support a lot of personal data that attracts multitudes of malicious applications that aims at stealing such data, which sometimes leads to dire consequences. Basically, Uniform Resource Locator (URL) is more often exchanged as users share information. Notably, a twitter user is limited to about 140 characters when sharing brief information. However, different social sites automatically shorten the original URL making it easier for cyber criminals to achieve their malicious goals. With the changed URL, it becomes difficult for user to know the destination of the link without clicking (Ruggiero, 2011). Undeniably, this tactic entices victims to download malware by visiting fraudulent sites as many unsuspecting users hardly think twice before clicking on URL’s. Development of modern mobile devices with enhanced features and internet connection has led to growth of M- Commerce. According to Alberts and Hayes (2003), people are increasingly using their mobile devices to gather information on market prices, product details and more importantly communicate with the products sellers from any location without necessarily having physical contacts. On the other hand, retailers can utilize mobile devices in inventory enquiries, payment processing and price enquiries from the product manufacturers. For instance Apple Retail stores make use of modified version of iPod Touch to scan barcode labels and receive payments via credit card payment. Nevertheless, reading credit card is not restricted to retailers only. Basically Apple App store provides a number of applications that allow credit card payments. In addition, a third party iPhone attachment that supports swipping of credit cards is also available. For instance “Square”, a small device that is plugged into iPhone head jack can be used to acquire credit card swipe information to any supporting information. This device enables users to authorize real-time funds transfer through text messages. Researchers have indicated that iPhone credit card reader has the capability of facilitating malicious activities including “carding” and “skimming” (Alberts & Hayes, 2003). Basically, carding refers to testing validity of credit card numbers. In most cases, this can be carried out on websites supporting real-time transaction processing to find out if the credit card information can be processed. On the other hand “Skimming” refers to illegal acquisition of credit card information using skimmers, card readers or by recording and storing user’s credit card information. However, skimming activity is achieved after incepting victim’s data from a legitimate transaction. Furthermore, the ever-growing mobile computing has also come with some social implications. Alberts and Hayes (2003), in their innovative sociological trilogy, Manual Castells uses up volumes of pages tackling the manner in which criminal and corrupt activities have arose from the international internet commerce. They add that these commercial activities will utilize technology to perpetrate their criminal activities rather than requiring breaking through mobile security. Increase in threats of E-commerce and social networking as a result of increased use of mobile devices is an illustration of how these devices can cause threats on the socio-economic fronts. Smarphones and cyber security Nowadays, smartphones are commonly used in emailing, web browsing, and purchasing items and for use in social media. Regrettably, the popularity of these devices has become a bleeding ground for cyber attackers. Ruggiero (2011) raises concern that the fact that operating systems for most smartphones lack protection software such as antivirus, firewalls and encryption, makes these devices more vulnerable to cyber attacks. Ruggiero (2011) gives a very good example of how cyber attackers can take advantage of this gap in security for malicious purposes. This happened in 2011 Valentine’s Day when attackers spread a mobile picture-sharing application that secretly delivered expensive text messages from the mobile phone of the users (Nardi & O’Day, 1999). Smartphones are increasingly becoming common and consideration of the impact of mobile devices on cyber security cannot be complete without considering these highly vulnerable devices. Consequences of cyber attacks on smart phones Traynor, Ahamad, Alperovitch, Conti, & Davis (2012) strongly condemn cyber attacks on smart phones for its detrimental consequences. They actually insist that these consequences can even exceed the consequences on personal computers. A researcher and an assistant professor called Patrick Traynor, who works at the Georgia Tech School of Computer Science says that mobile applications cannot operate in absence of the browser (Traynor et al. 2012). This means that the web-based attacks, which are targeted on smart phones will continue to increase as long as the use of internet is increasing. Traynor et al. (2012) continues to argue that it the high time that engineers, computer scientists and IT professionals explored the differences between the browsers used in the traditional desk top and mobile devices with the aim of gaining a thorough understanding of how to curb cyber attacks. As discussed, use of smartphones is tremendously growing and this trend is likely to continue in the foreseeable future, something that must create concern of cyber insecurity. Mobile Malware attacks The growth in production of modern mobile devices has led to development of malwares specifically aimed at mobile phones. According to Eeten and Bauer (2009), by the year 2004, different kinds of malware had been developed, for instance cabir source code. This form of malware uses Bluetooth connection hence contributing to unnecessary drainage of the battery. According to Traynor et al. (2012), other worms lead to devastating effects that result to serious consequences on the users. For instance, Ikee B is a form of iPhone worm with unique financial motivation (Eeten & Bauer, 2009). This worm attack information with financial background. According to the authors, the worm infiltrates any financial information stored in smart phones and coordinates the infected devices through a control server with botnet command. Although Ikee B is not universally spread, it indicates that hackers can infect mobile devices with functionalities similar to those of PC’s using the botnet command. This means that, an iPhone user in United Kingdom can be hacked from another Iphone in Cuba and therefore transfer the user confidential data via the control server. Others are spy-softwares for mobile devices (Brechbuhl et al. 2010). These software intercepts actual phone calls, locate the phone GPS location, secretly read the short Messages, call logs and emails, capture all the emails in another inbox, reject or accept communication based on pre-determined list, remotely control all the phone functions and to the worst evade being tracked incase of any operation. Even though flexi spy was initially aimed at tracking children and cheating spouses, its implications if accessed by unauthorized people can lead to more serious implications. However, flexi spy needs access to the mobile phone device, but cross platform malware can also spread it. Therefore, a mobile malware attack is another fertile ground for cyber attackers. Conclusion User’s little knowledge and the growing malicious acts complexity continues to be the most threatening vulnerabilities associated with mobile devices. In this regard, it is critical to accept that mobile devices have remarkably evolved over time and can no longer be treated as the old devices. More importantly, the users must be aware of all the potential threats affecting mobile devices and as such should clearly understand the potential threats and therefore take the necessary measures to prevent them. Basically, it is very necessary for users to always remain highly vigilant to successfully mitigate and prevent any potential security threat pose to mobile devices (Wright, Dawson, & Omar, 2012). In view of this review, most of the literatures have been found to concentrate around the impact computing on cyber security, while research on the impact by mobile devices has been scanty – a gap that this paper has attempted to address. References Alberts D.S., & Hayes, R.E. (2003). Power to the Edge: Command and Control in the Information Age. Washington, D.C: Command and Control Research Project, Office of the Secretary of Defense. Brechbuhl, H., Bruce, R., Dynes, S., & Johnson, E. (2010) Protecting Critical Information Infrastructure: Devloping Cybersecurity Policy. Information Technology for Development, 16(1), 83-91. Drew, J. (2012). Managing cyber security risks: Mobile and cloud open doors to opportunities threats. Journal of accountancy, 31(5), 566-566. Eeten, M., & Bauer, J. (2009). Emerging Threats to Internet Security: Incentives, Externalities and Policy Implications. Journal of Contingencies and Crisis Management, 17(4), 221-232. Harknett, R., & Stever, J. (2011). The New Policy World of Cybersecurity, (N. Roberts, Ed.). Public Administration Review, 455-460. Hurlburt, G., Voas, J., & Keith, W.M. (2010). Mobile applications: The fifth cycle. IT Professional Magazine, 12(6), 56-60. Kelly, B. B. (2012). Investing in a centralized cyber security infrastructure: Why "hacktivism" can and should influence cyber security reform. Boston University Law Review, 92(5), 1663-1711. Nardi, B. A., & O’Day, V. L. (1999). Information ecologies: Using technology with heart. Cambridge, MA: MIT Press. Postman, N. (1992). Technopoly: The surrender of culture to technology. New York: Vintage Books. Rose, E. (2003). The errors of Thamus: An analysis of technology critique. Bulletin of Science, Technology and Society, 23, 147-156. Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., & Glezer, C. (2010). Android: A comprehensive security assessment. IEEE Security & Privacy, 8(2), 35-44. Sund, C. (2007). Towards an international road-map for cyber security. Online Information Review, 31(5), 566-566. Traynor, P., Ahamad, M., Alperovitch, D., Conti, G. & Davis, J. (2012). Emerging Cyber ThreatsReport 2012. Atlanta, GA: Georgia Tech Information Security Center. Wright, J., Dawson, M.E., & Omar, M. (2012). Cyber Security and Mobile Threats: The Need for Antivirus Applications For Smart Phones. Journal of information systems Technology & Planning, 5(14), 40-60. Read More