Maximum Wireless Security

Because of their susceptibility to viruses, handheld devices are potentially dangerous to a corporate network. In addition, small business and home users will probably soon require protection from wireless viruses.

Malicious virus writers have a passion for "owning" new technology. New platforms such as Palm and Windows CE are highly sought targets by virus and Trojan writers. Being the first to infect a new platform provides the virus writer with a great deal of instant notoriety. The motivation for malicious virus writers to attack handheld devices includes the following:

  • Feeling the thrill of "cracking" a new technology or platform

  • Gaining publicity in the IT and popular press

  • Earning the respect of their malicious peers

  • Breaking the record for most widespread infection

With advancing technology in the handheld device and wireless networking industry, virus writers have plenty of room for growth. In addition, the number of targets is growing at an exponential rate. In fact, the first viruses to target wireless devices and handhelds have already emerged.

For example, the Phage virus was the first to attack the Palm OS handheld platform. This virus, when executed, infects all third-party application programs.

Palm OS Phage is able to spread to other machines during synchronization. When the Palm synchronizes in its cradle with a PC or via an infrared link to another Palm, the virus transmits itself along with infected files.

The early handheld viruses spread slowly, because most PDAs were not wireless-enabled. However, with the growing prevalence of handheld wireless functionality, the threat grows as well. In fact, the modern Pocket PC has most of the ingredients for viral spread, such as a processor, RAM, writable memory, Pocket Microsoft Word, and even a Pocket Outlook mail client. Worse , unlike their desktop counterparts, security measures such as firewalls and virus scanners for handhelds are immature. Combine all this with an unsecured wireless link, and the potential for viral spread multiplies.

The future might be even worse. With distributed programming platforms such as .NET combined with mobile Microsoft platforms such as Windows CE, the potential for viruses could be even greater. Imagine a virus catching a ride on your "smart" watch (Stinger OS) until it gets close enough to infect your corporate networks as you unwittingly drive by unsecured access points.

An example of a wireless virus was the Visual Basic Script (VBS)-based Timofonica Trojan horse virus that hit a wireless network in Madrid, Spain. Like the "I Love You" email virus, Timofonica appends itself and spreads through your contact list. However, with Timofonica, with each email sent the Trojan horse also sends an SMS (short messaging service) message across the GSM phone network to randomly generated addresses at a particular Internet host server. This can create annoying SMS spamming , or even a denial-of-service condition.

A similar denial-of-service example occurred in Japan. A virus that sent a particular message to users on the network attacked the NTT DoCoMo i-mode system. Unsuspecting users who received the message received a hypertext link to click. Unfortunately, this link automatically dialed an emergency service number, causing the emergency response service to overload.

Категории