The History of Smartphone Security and How to Stay Protected
The world was forever changed in 2000 when the Ericsson R380 model hit the market and laid claim to the title “first smartphone.” Though Motorola and Nokia had manufactured cell phones with internet capabilities years earlier, it was the R380 that introduced the Symbian operating system, heralded as revolutionary at the time, to mobile devices. Symbian became the standard OS after Nokia snatched up Symbian Ltd, began churning out smartphone models and dominated the cell phone industry for several years. What developers and users did not anticipate at the time, though, was that smartphones were not smart enough to evade malware attacks. Security measures would have to be taken by both manufacturers and end users.
The Birth and Growth of Smartphone Malware
The Symbian Worm
During the golden years of the Symbian age, mobile phones were believed to be impervious to virus infection and therefore had little if any security. It wasn’t until 2004 that a team of virus writers, operating under the name 29A, created the industry’s first known smartphone virus. Devised specifically for the Symbian operating system, the Cabir virus, also known as “Caribe,” was classified as a worm and was transmittable through Bluetooth. The 29A group claimed that Cabir was a “proof of concept” exercise, their goals being to see if infecting a smartphone was possible and if so, to encourage the development of security measures to prevent such an attack. The group even sent the virus concept to anti-malware firms for consideration, but after source code of the virus was leaked to the internet, it steadily began to infect cell phones globally. What began as a security measure prompted what’s considered the first significant cell phone virus.
Shortly after, as users began to take notice of Windows’ mobile operating system, Windows CE, so did virus writers. Within a month of each other, the first file infector virus, WinCE Duts, and the first backdoor program, WinCE Brador, delivered a one-two punch to Windows CE. Duts was designed to locate a smartphone’s root directory and infect executable files. Brador would sneakily open a smartphone port, allowing a remote user to access the device. Through this nefarious route, the remote user could access sensitive data, credit card numbers and physical addresses and the threat of losing more than the use of one’s smartphone became very real. With the introduction of Brador and Duts, users began to understand that the small computer they held in the palms of their hands was just as vulnerable as the PCs sitting on their desks at home. Though stealthy in nature, these two Win CE viruses could not hold a candle to what came next.
The Three Horsemen
The year 2004 was not yet done with the mobile phone malware assault. The Trojans were coming. Again targeting the Symbian OS, the first Trojan horse to appear came in the form of the innocuous Symbian game called “Mosquito.” But the SymbOSMisquit virus had altered the code of the “Mosquito,” so when users downloaded what they thought was a legitimate game, they allowed in a virus that sent SMS coded messages without the user’s knowledge. The next Trojan, Skuller, masqueraded as a wallpaper app for Symbian devices, but once downloaded, it would overwrite all original applications and delete all icons save for one — a skull and crossbones. The last Symbian Trojan popped up in January 2005. This one, Locknut, had detected a vulnerability in the Symbian OS: the system did not check the integrity of files. Locknut would create folders without code so that when the system went to execute the file, the system would freeze and the smartphone would be rendered useless. After the stampede of Trojans, more cell phone owners would seek anti-virus protection programs for their mobile devices, and independent companies like McAfee and Avast, along with heavyweights like Windows and Symbian, would roll out their own programs and updates with regularity.
Modern Defenses for Smartphone Users
Only 14 percent of Americans have an antivirus program installed on their smartphones. Most are simply still under the impression that their cell phones are not vulnerable, but installing smartphone antivirus and malware software is your first defense in ensuring the safety of your phone and your data.
The same malware fluent over a decade ago still lingers and mutates today. The self-replicating virus, the worm, is considered the most dangerous and damaging of the malware gang due to its ability to affect numerous devices and spread incredibly fast. However, a worm requires user permission through the downloading and launching of the virus, and users are better educated now about the risks of launching unknown attachments, especially those received through email.
Protecting your phone number is a simple step that could save users time and money. With numerous people-finder sites available to anyone with an internet connection, strangers can use your phone number to access personal information with great ease. Luckily, this issue has also become easier to address by the ability to block your phone number. Smartphone users can even block their numbers on a call-by-call basis for free. As smartphone users are more informed now than ever, the risks of contracting a virus decrease through simple education.
Limit Geolocation Access
Some of the coolest features of your smartphone may actually be used against you. The geolocation feature that informs your applications of your physical location may allow apps and ads to tailor to your preferences, but leaving those permissions active at all times means you allow hackers access to your whereabouts and patterns. Some apps that track your location have no feasible reason for doing do. If you use geolocation, be sure to only grant permission to those apps that require your location in order to function as intended.
Though annoying, the updates that interrupt your smartphone usage are vital to the protection of your phone as manufacturers often initiate “patches” for vulnerabilities through the updates they send out. If your operating system is vulnerable, then every app on your phone is, too. Maintaining your sensitive data and personal privacy becomes simpler when you develop the habit of updating your OS and your apps regularly.
Be Camera Shy
Possibly the most used feature on your phone could be the most direct line to hijacking it along with all of your sensitive data. In addition to allowing you to capture the world around you, your phone’s camera can be captured by hackers and cyber criminals. Spy apps are readily available to anyone wanting to track someone’s phone, so be wary of any apps you download that ask for permission to access your smartphone’s camera and microphone.
Smartphone security has come a long way since the Cabir virus of 2004 when cell phones had virtually no security at all. But there is still a long way to go. All of the updates, app restrictions and security software in the world won’t matter, though, unless smartphone users know to use it.