There are all kinds of security risks looming with smartphones -- loss of the phone, theft, apps that store personal information on the phone, infected websites, and so on. But a recent RSA Conference survey shows that security breaches in mobile devices right now are rare. In a Help Net Security article, it was reported:
Close to all respondents (93.2%) answered "Yes" when asked if allowing employees to connect their personal mobile devices to the corporate network poses a security threat to their organization, but only 1.8% reported a "serious incident" as a result of an employee's mobile device use.
The lack of "serious incidents" shouldn't lull anyone into believing things can't change if we aren't careful, as an article posted on Yahoo shows. At the Black Hat security conference, one of the top concerns was security for smartphones and other mobile devices. The article warned that the popularity of app downloads is yet another opportunity for hackers to develop Trojans aimed to steal data, stating examples:
Lookout Mobile Security studied approximately 300,000 mobile phone applications and found that some programs accessed more data than users might expect.
One application for changing the pictures set as background "wallpaper" on mobile telephone screens fed telephone numbers from smartphones to a computer server owned by a Chinese software developer.
F-Secure recently followed a trail that led to malicious code hidden in an anti-terrorist shooter game program for smartphones. A Russian hacker had cracked a legitimate game, planted a virus in it and then offered the tainted app for free at a copycat website.
Security vendors are anticipating the rising threat to smartphones. As Carl Weinschenk pointed out, July was a good month for smartphone security initiatives.