Mobile phone users often assume their devices' applications are impossible to hack, and tend to not apply security software to their devices.
ITWeb's Security Summit 2011
More information about the ITWeb's Security Summit 2011, which takes place from 10 to 12 May, at the Sandton Convention Centre, is available online here.
This is according to Dr Frans Lategan, Absa security consultant, who will speak at next week's ITWeb Security Summit to be held between 10 and 12 May at the Sandton Convention Centre.
Lategan will demonstrate how easy it is to extract the contents of an iPhone back-up file, modify the contents, and restore this back to the iPhone.
He will also show how a user's credentials can be exposed on an iPhone, how applications can be modified and even how users can cheat in games.
Lategan says the biggest security threat is the loss of the mobile device, and the data it contains.
According to Lategan, losing business data via a mobile device is exactly the same as losing business data through any other means. However, he notes the biggest problem is it's much easier to lose a mobile device that contains sensitive business information, than it is to lose a server or backup tape.
Lategan says another problem with mobile devices is that they are not patched as often as desktop PCs. He explains that many mobile devices are still running on the firmware they were released with; which in some cases can be several years old.
He points out tablet devices such as the iPad are attractive theft targets by cyber criminals because business users are storing and accessing valuable information via these tablet PCs.
“Fortunately, they are generally based on cellphone platforms, and can be secured in the same way. For instance, iPads can be secured like iPhones, and Android tablets can be secured like Android phones.”
Lategan believes the BlackBerry mobile operating system has the best security in terms of depth. “iOS, Windows Phone 7 and Android are not as good, though they can be configured to be reasonably secure, unless 'jailbroken'”.
iOS jailbreaking is a process that allows devices running Apple's iOS to remove limitations imposed by Apple. Once jailbroken, iOS users are able to download additional applications, extensions and themes that are unavailable through the official Apple App Store.
According to a Symantec blog post, jailbreaking iPhones has its risks, because it opens the door to devices becoming more susceptible to attack and malware infection.
The security vendor states: “Another concern is the vulnerabilities in the devices the jailbreak code exploits could also be used to carry out malicious attacks.”
“There have been a few instances of malicious Android apps, and of course Android devices are currently the only mobile devices that are Flash-enabled, making them the least secure of the major players,” Lategan notes.
Share