Wireless viruses: 2002's looming threat?
Last year's wave of new virus attacks could be duplicated this year -- on wireless devices. "This is probably the future of all threats and viruses," said Leo Chan, product manager for Network Associates International (NAI) in Hong Kong.
Like their wireline cousins, wireless viruses can erase data or damage devices including mobile phones, personal digital assistants (PDAs), and laptops hooked up to wireless local area networks (WLANs). One of the first reported wireless viruses was aimed at the Palm OS, developed by Palm Computing Inc., and released in September, 2000. Subsequent viruses have been transmitted via short messaging service (SMS), and have targeted phones manufactured by Nokia Corp. and some SIM cards, said Chan.
"[Wireless viruses] are not so prevalent now because there are so many types of devices," Chan said, adding that in the future, the number of viruses and the rate of infection will increase due to cross-platform systems such as Java.
Early viruses have mirrored e-mail-based invaders. Received via SMS, the message asks the user to open it. Upon opening, the user's phone crashes, or the message is copied and sent to all mobile phone numbers stored in the user's phone book. Chan said that removing the viruses is not difficult for devices running on common operating systems, like Palm OS or Windows CE, but can be more problematic on mobile phones, which often use proprietary software.
Chan also expects the problem could compound itself as attacking these wireless devices could be particularly effective, said April Goostree, virus research manager at McAfee.com, because they are "applications that people don't associate with viruses."
"We have historically seen threats target the newest technologies" and these technologies should be no different, said Steve Trilling, senior director of research at Symantec Inc.'s Security Response.
Luckily, according to Goostree, "the solutions for all of these things are out there" in the form of antivirus software and personal firewalls. Unfortunately, many users either don't keep their software up-to-date, deactivate it or use it incorrectly, she said. "The tools are there, it's just a matter of getting people to use them," she said.
"I don't think it's of any greater concern than any other area," said David Sykes, director, northern Asia, Symantec Hong Kong Ltd., of the wireless threat. "The issue is user awareness," he added.
Sykes believes that a stringent user policy, about who has access to WLANs, along with personal awareness of what types of files can carry viruses, offer significant protection, just as for e-mail and networked PCs. He said, "the majority of these environments come with the [security] facility, it's just a matter of whether or not it's turned on." Sykes added that software packages bundled with security features turn those features off by default, and many are never turned back on, leaving the door open for attacks. He did, however, acknowledge the significance of the attacks seen in 2001. "Nimda, these blended threats, that changed the game entirely."
NAI's Chan echoed the need for proper policy. "Who has the right to use the WLAN?" he queried, adding, "policy does help, so that you can see who is on the network." NAI's Sniffer Technologies arm offers monitoring software that can locate a hacker's machine on a network, Chan said. Coden Hau, also a product manager at NAI, said that threats can be located quickly and easily. "The traffic is totally different than a normal user pattern," Hau said of virus and hacking activity.
Although enterprise use of WLANs is still in its early stages, some companies are failing to protect their networks. Bakul Mehta, president of Sniffer Technologies, said while visiting Hong Kong that during a meeting in Boston, he and his colleagues were able to view data from an unsecured WLAN-operated by a company whose office was across the street. Chan said that widely available devices such as Compaq Computer Corp.'s iPaq can be configured and used to scan wireless networks. "Big corporations do want to protect themselves, but it's whether or not the standards are good enough," Chan said.
"Security is always a great concern," said Kenny Yang, country manager, Hong Kong for 3Com Corp. Yang said the company develops its own security solutions for its products, and incorporates them into its WLAN equipment. "At the minimum, we do 40-bit [encryption]. On the high-end, we do 128-bit," he said. The 3Com Access Point 8000, for example, released in Hong Kong February 7, gives each user a unique key and changes the key with every session, and can support up to 1,000 usernames and passwords, the company said.
Sam Costello contributed to this report.
Computerworld Hong Kong
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
