The current State of Security in Smartphone - Term Paper Example

? Current of Security in Smartphone Current of Security in Smartphone Introduction Technology has leaped mankind to another level of communication, mobility and access to information. Computers and mobile technology are the major players in bringing about this change. Humans have become dependent on these technologies for their personal, as well as business needs; this creates an accumulation of personal data on the devices. The benefits of technology have always been coupled with the negative aspects of its usage that aim to cause harm to the users. Mobile technology is the latest domain that has been exploited by malicious intent users, like hackers, intruders etc, to achieve personal gains from jeopardizing the security of the legitimate users. This paper shall address the prevailing security threats that are witnessed in Smartphone technology alongside the technologies that are used to protect the devices from such threats. 2. Security in Smartphone The security threats that revolved around computers have migrated into the Smartphone domain and causing heavy losses to the users. To highlight the relevance of security measures on smartphones, Cheng (2011) provided results from a survey that was conducted by McAfee in the current year. The survey revealed that malware instances for Android (one of the most common smartphones in the current times) have increased by a significant figure of 76% in the last four months. Malware is defined as any program or application that is developed for the purpose of performing illicit activities, such as Trojans, viruses and worms. Some of the examples of security threats in smartphones are given below: 2.1 Smishing Phishing attacks had been known to cause harm to personal computers but a similar security threat is prevailing in the current times that is directed to harm smartphone- smishing and vishing. Ruggiero and Foote (2011) stated that hackers use the conventional approach of sending fake messages or voicemails to the recipients and urge them to call a financial institution with the aim to update their security settings etc. Voicemail systems are activated on the respective fake hosts that record sensitive information of the recipient. 2.2 Baseband Hacking Hackers have invented ways to intercept cellular phone calls by making the chips and firmware compromised in the Smartphone. Cheng (2011) stated that the baseband processor of the phone is turned into a listening device and enables the hackers to record conversation taking place between the participants. This can serve to record sensitive information and thus be used for malicious intent. 2.3 Infected Applications Applications are the most attractive feature of smartphones since they allow an individual to perform a diverse range of operations, for example play games, browse the web etc. Applications have also become one of the most common modes of infecting smartphones with compromised programs, such as Trojans. Apple and Blackberry follow a procedure of screening the applications (that might be contributed by developers) before publishing them on their App stores; this approach makes them avoid many Trojan attacks that might be hidden in the programs. Android follows a different approach and does not perform any screening process on the applications. Chang (2011) stated that an Android application with the name of “Steamy Window” has the power to convert a Smartphone into a botnet zombie. Upon successful acquisition of control over the phone, the hacker can perform any desired operation, such as: Send messages to any contact Make the browser point to compromised sites that may facilitate the transmission of sensitive information. Block the receiving of messages. 2.4 Jailbreaking and Rooting Apple IPhone School (2010) explains jail breaking as the hacking activity of the iPhone, iPad and iPod that allows the individual to have access to the Unix file system. Jailbreaking an iPhone is analogous to rooting an Android phone. Ngo (2009) stated that the users are not supposed to have access to this part of the phone since it allows them to install any application and change the settings of the phone without any prohibition. Cox (2010) explained that the jailbroken phones use the application Cydia that allows the user to install applications from any source, whether reliable or compromised. Any hacker can install applications on the phone without the knowledge of the user and perform spiteful activities. The applications can be piggybacked with Trojans that might stay hidden from the user and steal all kinds of sensitive data from the Smartphone. With reference to the baseband hacking explained earlier, the hackers are able to change setting in the BBP chip in the Apple Smartphone. Cox (2010) pointed out that this chip facilitates communication with the cell towers. One of the biggest threats for Apple was the possibility of facing system crashes and denial of service attacks on their cell towers due to malicious activities initiated by jailbreaking instances on the Smartphone. 2.5 One Minute Attacks Cheng (2011) stated that smartphones are easy targets for hackers since they are usually unprotected and switched on throughout the day. The hackers program their malicious programs such they transfer all the emails, contacts, browsing history from the phone and send it to a remote location. The whole operation is aimed to be completed within 60 seconds after which it is programmed to uninstall itself. Cheng (2011) stated that such attacks have been recorded to be done by Android.Spyware.GoneSixty.Gen. 2.6 Viruses and Worm Attacks Smartphone users access emails and visit web pages frequently. The World Wide Web is full of viruses and worms that are hidden in the links for games, videos, images, email attachments etc. Virus or worm can be automatically downloaded from online sources into the Smartphone and programmed to perform malicious activities to harm the data of the user. Carnegie Mellon CyLab (n.d) stated that even Bluetooth technology contributes to the spread of viruses and worms. The devices (that are enabled with Bluetooth) can be detected at a distance of 30 feet; infected smartphones can transfer virus and worms to other devices by means of Bluetooth technology. 3. Counter measures to Protect the SmartPhone Due to the increasing security threats regarding the usage of the Smartphone, companies are investing their resources and time to develop counter measures for the safety of the respective device. Associated Press (2011) provided some techniques and strategies that can be used to tackle the prevailing threats: Every operating system of a Smartphone is coupled with certain level of security measures; however more security applications can be downloaded and activated to ensure greater protection of one’s data. Many reliable software are available in the market to combat the prevailing security threats, some of them are Kaspersky Mobile Security and AVG Mobile Security and McAfee Mobile Security. Such software provides effective firewalls, prevents unauthorized access, helps prevent digital fraud and protects the device from viruses, worms and Trojans. Rooting and jailbreaking makes the devices vulnerable since the company’s default security measures and screening policies are nullified. The exposure of the system files of the phone proves to make data vulnerable and insecure therefore jailbreaking activities should be avoided and newly purchased phones should be verified for such aspects. 4. Conclusion The ever increasing cyber threats have intervened in the mobile technology as well. Smartphone seems to be an easy target for hackers and intruders since they are rarely protected by security software. Smartphone are equipped with the functionalities to access the World Wide Web; therefore, they are prone to be infected by the prevailing threats of viruses, worms and Trojans. Alongside the transfer of malware from the web, threats like infected applications, jailbreaking, rooting, one minute attacks, smishing and baseband hacking are also witnessed in smartphones. The installation of applications from unreliable sources makes the data vulnerable since the hidden motive behind the application may not be apparent to the user at the time of installation of the application. Some developers often piggyback Trojans with valid applications that make the smartphone perform malicious activities. Such threats and attacks can be avoided if effective security measures are deployed, such as mobile security software. References Apple IPhone School, (2010), What is Jailbreaking?, Retrieved from http://www.appleiphoneschool.com/what-is-jailbreaking/ Associated Press, (2011, Feb 10), Top Ten Security Software for Smartphones and Mobile Devices, International Business Times. Carnegie Mellon CyLab, (n.d.), Going Mobile Is Not without Security Risks, Retrieved from http://www.mysecurecyberspace.com/articles/office/going-mobile-is-not-without- security-risks.html, Chang, K. S. (2011), Can Smartphones Get Virus/Viruses and Malware? iPhone / Android Phone Only as Smart as Their Users in Malware Detection, Hub pages, Retrieved from http://kschang.hubpages.com/hub/Do-Smartphones-Get-Viruses-Why-iPhones-Android- Phones-and-Others-Are-Only-as-Smart-as-Their-Users Cheng, R. (2011), Security becoming a must on smartphones (Inside Apps), CNet, Retrieved from http://news.cnet.com/8301-1035_3-20111012-94/security-becoming-a-must-on- smartphones-inside-apps/ Cox, J. (2010), Is iOS jailbreaking an enterprise security threat?, Network World, Retrieved from http://www.networkworld.com/news/2010/121710-ios-jailbreak-interview.html?page=2 Ngo, D. (2009), Jailbreaking iPhone could pose threat to national security, Apple claims, CNet, Retrieved from http://reviews.cnet.com/8301-19512_7-10298646- 233.html#ixzz1cZEVQm6L http://reviews.cnet.com/8301-19512_7-10298646-233.html Ruggiero, P. & Foote, J. (2011), Cyber Threats to Mobile Phones, US- Computer Emergency Readiness Team (CERT). Read More