If I were in the business of making predictions, rather than reporting the predictions of others, I would have jumped all over the rise in attacks against mobile devices. Anyone who reads my blog regularly shouldn't be surprised by that, since mobile and smartphone security are topics that I discuss frequently.
Since I don't make predictions, I'll let Cisco make them for me. Cisco's 2010 Annual Security Report pointed out that cybercriminals are investing more resources into exploits on mobile devices. One reason is obvious: the increase in the use of mobile devices worldwide, particularly in poorer countries where using smartphones and other mobile devices is less expensive. But, according to the report, there is another consideration:
A significant "tipping point" in vulnerabilities has been reached. PC vendors are building better security into their products, and they are moving faster than ever to provide updates, alert users to potential flaws, and make patches available to users.
This, the Cisco report adds, will lead to an increase in attacks on non-Windows operating systems. Android and Apple mobile devices are going to be primary targets in the coming year, Cisco predicts. I suspect there are more than a few bad guys out there anticipating the increase of iPhone users next month when Verizon comes on board.
The trick involves hacking a phone's baseband by setting up a fake cell phone tower and connecting to a target device. The hacker could then transmit malicious code that would activate a phone's auto-answer feature, with the user being none the wiser. That means not only are conversations over your phone vulnerable, but so are those you have while simply near your phone.
A problem for the average user? Maybe, maybe not. But when you think of how much business is conducted over smartphones today, it certainly creates a whole new security concern.