The Spy in your hand?

crystal-ballI came across an article in ‘Businesweek’ (June 15th, 2009) that caught my attention. It’s theme was that a new generation of user-friendly spy-phone software has become widely available in the past year or so. They note that more than 200 companies are selling spyware online, at prices as low as $50. What really was interesting was the estimation that 3% of mobiles in France and Germany are ‘tapped’ and that this rises to 5% in countries such as Italy and Greece. Now, it has to be admitted that the source of this estimate was a private-investigation outfit in Italy. That being said, James Atkinson a spy-phone expert at Granite Island Group, Massachusetts, puts the number of tapped phones at 3% in the US. I agree that all of this needs to be taken with a good pinch of salt; nonetheless it does get you thinking.

The current generation of spy-phone software has one major drawback and that is that you need to have access to the phone you want to tap to load the software onto it. That being said the Newsweek article goes onto outline that a new generation of mobile spyware that is being developed for law enforcement agencies will accompany a text message and automatically itself on the targets phone when the message is opened. The supposition being that the same technology could also make its way into the hands of criminals.

The article finishes off claiming that AV and security programs developed for computers require too much processing power, even for smartphones.  At the end of the day, the spy-phone software is just software, just as is the security software that can detect it and mitigate the risk. So I do not sign up for their presumption that smartphones are exposed. We are seeing the evolution and deployment of security software for smartphones.  There is a saying in our industry – ‘security through obscurity’. By and large, it can be seen to be a truism. At the moment, with smartphones this can also be seen. Given the number of mobile operating systems that are being used e.g. iPhone OS, Palm Web OS, Android, Windows Mobile, Symbian etc, it neatly segments the addressable market into smaller chunks that may diminish the attractiveness of any segment to the malware author. It may simply be a moment in time, but no doubt many would like it to hold for as long as possible. Thankfully, in term of actual numbers, the volume of malware for smartphones and applications such as spy-phone software is dwarfed by that created for the PC.  However, it is one area that needs to be taken seriously and a careful eye kept on it.

June 9, 2009 | Filed Under Market trends, Security, Technology 

comments

Leave a Reply