than 100 in 2005.
Gartner analysts have backed the scanning approach, saying that installing antivirus software on cell phones would be a mistake. On the PC, antivirus tools became largely ineffective and were reduced to removal tools when e-mail surpassed floppies as the dominant transmission mechanism for viruses, they wrote in a research note last June.
"The mobile world should not repeat the mistakes of the PC world. Malware protection services should be built into the network first, and device-side protection should be the last resort," analysts John Pescatore and John Girard wrote.
Pesky programs
Cell phone pests can
crash handsets, attempt to install other malicious software or try to
wirelessly transmit personal data to other gadgets. Most of the attacks rely on
the device's owner clicking to execute a file received via Bluetooth or MMS.
They also require the user to acknowledge and ignore a warning from the system
that the file may be from an untrusted source and cause problems.
The risk of infection is higher in crowded locations, such as big cities, in public transit or at a sports event, experts said. Whether a phone is vulnerable depends on the type of device and its configuration. High-end phones running the Symbian operating system with Bluetooth enabled are most likely to be attacked.
Handset owners have fallen victim to viruses like Commwarrior because it is persistent and the user interface on many phones is faulty, Hypponen said. When Commwarrior is attempting to spread via Bluetooth, messages will keep popping up asking the user to accept the malicious file. As long as an infected phone is nearby, declining the file will result in a new request popping up.
"The phone is asking you 'yes' or 'no,' and clicking 'no' doesn't work," Hypponen said. "Until you answer 'yes' or 'no,' the phone won't work. People are getting frustrated, they don't know what else to do, so they click 'yes' and then they get infected."
What people should do in such a case is walk away, Hypponen said. Bluetooth has a limited range of about 33 feet, and moving away from the device that is transmitting Commwarrior will stop the incessant pop ups.
Phones will change to address this problem, Hypponen said. Symbian, maker of the namesake mobile phone operating system, and handset makers are altering their software, he said. Other changes that have been proposed to secure phones include new, hardware-based security standards for the devices.
Symbian has been the biggest target of miscreants who write malicious software. Symbian is the most popular operating system for smart phones, including those sold by market leader Nokia. Two-thirds of all smart phones shipped in the third quarter of last year ran the Symbian OS, according to recent Gartner research.
Smart phones are digital do-it-alls. In addition to voice calls, the devices can be used for keeping a calendar, surfing the Internet, downloading software, and sending text messages and e-mail. In the future, they could replace wallets, say industry pundits, with consumers whipping out a specially equipped phone instead of a credit card to pay for a purchase. Microsoft has said the mobile phone could become the PC of the developing world.
Threats to mobile devices are expected to rise as more smart phones are sold. In the third quarter of 2005, worldwide shipments of smart phones totaled 12.6 million units, up 210 percent year over year, according to Gartner. As a proportion of all mobile shipments, smart phone shipments increased to 6.1 percent from 2.4 percent, Gartner said.
For a widespread worm or virus attack, several conditions must be met, Gartner analysts Girard and Pescatore. Smart phones have to be widely adopted, wireless messaging needs to be ubiquitous and one operating system should be dominant, the analysts said. For antivirus makers and cellular network operators grappling over what approach to take to protect customers, time might be running out.
"Gartner believes these factors will converge by the end of 2007," Girard and Pescatore wrote.
Play video
There are currently no comments for this post.