|Airwide Jay Seaton|
Jay Seaton, chief marketing officer at Airwide Solutions, on security threats in the mobile network.
Recently it emerged that the first SMS Trojan focusing on Google’s Android OS was detected in the wild by Kaspersky labs. The Trojan, named MS.AndroidOS.FakePlayer.a, is a warning to mobile phone users to be aware that cyber criminals are increasingly targeting them in attempts to make illicit gains.
However, this Trojan is also a stark warning to operators that the threat from cyber criminals is on the rise.
The gaps in the network
It comes as no surprise that cyber fraudsters target sophisticated handsets such as those running on Android to steal information. These devices typically contain a wealth of valuable and sensitive data, and although operators protect them to some degree, these devices are still incredibly vulnerable.
This newly detected Trojan was the first to run on Android and posed as a media player application sending SMS messages to premium rate numbers. The result was a huge bill for the unsuspecting owner and subsequent credit, customer care and churn costs for the operator.
After the Trojan was detected, Google explained that it has implemented a system to stop malicious applications running on handsets. However, while it is reassuring that on this occasion there were measures taken by the OS provider, in many cases this is still not the case.
Mobile messaging is being used more and more for critical applications, such as mobile banking and payments, and by a rising number of subscribers covering most age groups and regions around the world. Unfortunately it is also an area seeing a huge rise in mobile security threats.
The need and demand for more robust mobile security has therefore never been greater. There are steps that subscribers can take to protect themselves against mobile security threats, such as only installing apps they trust and diligent use and management of passwords. However, the burden of responsibility to protect devices is one the operator still shares with the consumer.
Device-based security solutions are a defence operators should consider, however these solutions can be limited as they only protect a small number of users. Handsets are also constantly being upgraded and replaced with higher specification models; so any security software which is added is often swiftly outdated.
Currently many operators voluntarily police potential fraudsters, but as messaging services continue to grow and become more complex, operators need to look at a comprehensive and robust range of security features. These include anti-spam, anti-spoof and anti-flooding tools, along with next generation gateways that can detect abnormal patterns in messaging traffic, confirm legitimate senders, filter content and block suspicious messages.
Protection also needs to be applied at the personal level to help enable subscribers to set up and manage their own personal controls.
SMS malware attacks have been a common occurrence for mobile devices for some time now with Symbian devices, jail broken iPhones and other popular devices being targeted.
This makes security solutions and controls that protect both the network and the end user an essential part of operators infrastructure planning. With the appropriate measures in place operators can ensure that potentially destructive security risks are negated; and that revenues from the successful adoption of applications and services are not jeopardised by cyber crime and malicious attacks.
Once customers feel assured they will not be vulnerable to dangerous unwanted messages when downloading an application, they will feel more confident about downloading and paying for a wider range of content and services in the future.
As a provider of next generation mobile messaging and wireless internet infrastructure, applications and solutions, Airwide Solutions has one focus: To enable your revenue to keep pace with the burgeoning consumer-driven mobile messaging and wireless internet market.http://www.airwidesolutions.com/