Protecting Mobile Devices from Hackers

By Paul Korzeniowski | Nov 26, 2000 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/article.php/625071/Protecting-Mobile-Devices-from-Hackers.htm

Wireless networking is emerging as the next big networking wave. With handheld devices becoming more functional, and networks delivering more bandwidth, a raft of both start-ups and established companies have been delivering new software and services so mobile users can read e-mail, communicate with the home office, and surf the Web.

As network managers busily upgrade their networks to support such features, they should also be aware of the technology's downside: Hackers can use these new connections to break into corporate networks, destroy files, chew up computing resources, and force security managers to spend time downloading software fixes. Such problems are a recent phenomenon, one expected to increase along with acceptance of mobile computing. However, there are steps that companies can take to help prevent problems, and analysts recommend they start this process sooner rather than later.

Attacks Are Inevitable

There haven't been a lot of instances yet when hackers have targeted mobile devices; but that should change in the next year or two, so companies should be prepared, stated Johnny Chin, president of Onesimus Enterprises International Inc., a Staten Island, N.Y., network equipment reseller.

The first such attack occurred in May 2000 when a European hacker developed Timofonica, a program that sends bogus messages to cellular phones. Although the software actually runs on PCs rather than phones, it was the first time a virus had been developed to affect the latter.

At the end of August 2000, the first case of harmful code running on handhelds occurred. A software developer posted a Trojan horsewhich enters a device and deletes data but cannot replicate itself like a viruscalled the Liberty Emulator. It attacks the Palm OS, which is used in the popular handhelds from Palm Inc. in Santa Clara, Calif.

Ironically, this problem stemmed from Palm's open source work, where the vendor published information about its software so developers could improve it. The author, Aaron Ardiri, a Swedish developer, said his application was designed to emulate a product he was working on. After he shared the Liberty Emulator online with developers, he discovered someone had misused the software.

The hacker relabeled the program so it looked like an application designed to crack open the Palm's Gameboy Emulator. Unsuspecting video game aficionados downloaded the code and discovered their files were erased. It is difficult to determine the amount of damage the Trojan horse created, because few of the downloaders would freely admit to attempting to crack the Gameboy Emulator software.

"With handheld devices gaining popularity, they are becoming more viable targets for hackers. "

Attacks Limited So Far

To date, attacks on mobile devices have been limited for a couple of reasons. Hackers want to get as much exposure as possible, so they target well known systems like Microsoft's Windows NT and Outlook where their software can create widespread problems, said Caren Nachenberg, chief researcher for the anti-virus unit at Symantec Corp., in Cupertino, Calif.

Another factor is that these systems are well understood. Microsoft publishes information about its products, and an army of third parties tinkers with them, so their inner workings become well known. Although this information helps vendors design add-on products, it also presents hackers with a clear picture of how the software functions so they can attack any vulnerabilities. To date, that has not been the case with handheld devices. Because they are so new, not much documentation exists about them.

With handheld devices gaining popularity, they are becoming more viable targets for hackers. We've seen a progression with other devices: First joke programs arrive, then a few Trojan Horses, and last viruses, said Ryan McGee, a product marketing manager at Network Associates Inc., in Santa Clara, Calif. We've seen jokes and now a Trojan horse for handhelds so I would expects viruses to emerge soon.

New Devices, New Issues

Breaking into a mobile device is not simple. The Palm OS is much less complicated than a PC operating system and therefore has fewer potential entry points. Also, handheld devices are small and have only a few megabytes of memory compared to the tens or hundreds available on PCs. Hackers have to code judiciously to get their software to run on handheld devices, noted Symantec's Nachenberg.

Fixing defective code is also simpler than with a PC. By turning a handheld off and rebooting it, a user rids a system of problem codethe only downside is that any interim data stored in the device is lost.

However, handhelds also raise new potential problems. These devices contain all or part of their operating system on flash read-only memory cards; theoretically a virus could render the entire system, rather than a few programs, unusable.

Help Is on the Way

Help is emerging for security managers. Computer Associates International Inc., in Islandia, N.Y, Network Associates, Symantec, and Trend Micro Inc., in Cupertino, Calif. have developed security products for handheld systems.

The device's minimal main memory has made product development challenging. Typically, security software loads lists with the names of tens of thousands of viruses and then compares them to any downloaded software.

Since there isn't enough room on handhelds for our existing software to run, we are use a different technique to check for viruses, noted McGee of Network Associates. The company's handheld security software operates on PCs as users synchronize desktop and handheld information. While this approach offers vendors more room for writing their applications, a virus could operate for days or weeks on a system without the user noticing.

CrossLinks

Minimizing Risk

Companies can take steps to minimize the risk. Palm encourages users to synchronize their data regularly. Not only does doing so ensure that they always have a current backup of their data, but it also means that getting rid of any undesired application simply entails running the reset program.

Enterprises should also institute policies against loading unknown applications onto the devices. This step may not be popular with users who wish to store personal software, such as games, on their devices, but it will help companies ward off attacks.

Users who are concerned that someone might maliciously beam a virus onto their device from another Palm handheld can password-protect their systems. When the intruder tries to load the defective software, the system will prevent it.

Strong security policies can help companies prevent problems with handheld devices, noted Jan Sundgren, an associate analyst at Giga Information Group, a Norwell, Mass. market research firm. As they become more aware of the potential problems, I expect corporations to put them in place. //

Paul Korzeniowski is a freelance writer in Sudbury, Mass. and specializes in networking and telecommunications issues. His electronic mail address is paulkorzen@aol.com.