Arresting an airborne virus: the mystery of the mobile virus hides inside the 'perfect storm' of wireless and internet convergence

America's Network, April 15, 2004 by Lynnette Luna

The rampaging worms and viruses in the computer world that cause billions in damages may soon spread to the wireless industry as more sophisticated Internet-enabled devices enter the market and customers begin using them the way mobile operators have long hoped for: to surf the Web, download sophisticated applications and send and receive email messages along with their associated attachments.

Security experts say damaging viruses passing to Web-enabled mobile devices and even between computers and mobile devices are not a question of if, but when.

"It's going to happen," says Sam Curry, vice president of eTrust Product Management for Computer Associates, a software security provider to enterprises. "More PC-like functions will lead to the opening of threats. New applications and features let us do new things, but they also give the bad guys more hooks to put in more malicious codes into phones."

WEB CAPABILITY

Mobile operators have long awaited the arrival of wireless Internet capabilities to save the industry from flattening ARPU resulting from a flattening voice services market. The critical enablers are finally in place. Operators have deployed next-generation high-speed data networks capable of delivering feature-rich applications, phone makers are flooding the market with data-ready devices, developers are recognizing the value of wireless applications and end users have a growing appetite for "always on" wireless connectivity and functionality.

These enablers also make the wireless industry ripe for the same type of virus and worm destruction plaguing the PC world. The doomsday scenarios could leave any wireless executive awake at night. The desktop PC represents the largest security risk for every enterprise today, and mobile phones will clearly become another important target as enterprises rely on them more for critical business functions. The costs, which could reach billions in just two years by some estimates, could come in the form of network fixes, customer care costs, lost service revenues and even churn.

"There are many interesting opportunities for virus writers," says Jerry Brady, managed security services chief security officer for VeriSign, which has been working with operators to find vulnerabilities within embedded devices. "This convergence with the Internet is creating the perfect storm."

Hackers could write malicious programs and code to attack networks on many levels. Viruses and worms corrupting call set-up data could disable about one-third of a given carrier's handset base, permanently destroying the phone or prompting droves of customers to call customer care lines or visit their nearest retail store. Customers unwittingly opening up email attachments in the future or downloading a new game from the Internet could launch a virus with enough bandwidth to take down portions of a carrier's network. A hacker with a vendetta could program text messages to spam users or automatically dial 911. Malicious software, known as malware, might corrupt enterprise user devices and begin disclosing confidential files or render firewalls useless.

Even more dangerous is the potential for blended threats, says Curry. A worm or virus could spread through multiple platforms, for instance, spreading from an email box to a Linux operating system to an OS platform on a mobile device.

SCARCE VIRUSES

But don't panic yet. When anti-virus software companies in 2000 discovered rather benign malicious codes targeting Palm devices, many security experts believed that 2001 would emerge as the year of the mobile virus. But they have yet to materialize. During the last four years, mobile viruses have been few, having no material impact on end users or networks. But they have demonstrated that it is possible to create malicious codes for mobile platforms.

NTT DoCoMo, Japan's largest mobile operator, was caught off guard in 2001 when users complained they were being sent messages that froze their screens and automatically dialed 1-1-0, the emergency number in Japan. Last year, SMS messages targeted at certain Siemens handset models disabled the devices if end users opened them. Researchers have also found a host of security vulnerabilities in a variety of OS platforms, including Palm, Pocket PC and Symbian, say security experts.

The million-dollar question is: When will the wireless industry begin to see a material impact from mobile viruses?

"That is hard to predict," says Laura Garcia-Manrique, group product manager for wireless security with anti-virus company Symantec, which has been monitoring the mobile space for viruses. "There really isn't anything preventing malicious code writers from creating a virus today."

Hackers are primarily interested in writing code that creates widespread damage, says Curry. Devices using more complicated OS platforms such as Palm, Pocket PC and Symbian haven't proliferated to date.

"Virus writers want victims," adds Curry. "The hooks are in there and the applications are available, but no one is going to write a virus that will hurt only 2,000 people."