WALL STREET JOURNAL Off-the-shelf mobile devices becoming government-issue standard

Until recently, government employees were rarely issued mobile devices like mobile internet devices or Blackberry's, usually because of the perceived security problem. That's changing, and fast. More and more often, government IT departments have decided "if you can't beat 'em, join 'em" and are rapidly outfitting their employees with commercial off-the-shelf mobile communications devices. These consumer devices, previously only issued to the highest-level government employees, are now much more likely to be found in the hands of the rank-and-file. That has dramatically expanded the government's mobile device population (and its over-the-air data traffic), leading some experts to worry that sensitive government communications are becoming less, not more, secure.

This change in government policy is happening on a massive scale.

This year, the U.S. government will spend $70 billion on information technology, including wireless devices, service contracts and applications, according to Warren Suss, president of Suss Consulting Inc...The shift is being driven by the desire to make government workers more effective and efficient by giving them access to critical information wherever they are, and by the need to cut costs -- private networks and proprietary devices are expensive to develop and require specialized staff to maintain and update.

Sara Silver of The Wall Street Journal reports on the exciting new uses government employees are finding for commercial devices and networks.

« Blog Home
Mocana Website »

Mobile Security’s "Big Rub"

What’s driving the explosion in mobile attacks is that these platforms are finally numerous enough to be worth hacker's whiles. So, what’s the answer? When discussing back end and user-facing approaches to smartphone security, InformationWeek’s Alexander Wolfe points out a major flaw.

So here’s the rub, though. With all this heavy-duty security in play, will we succeed in tamping down mobile hacking? Unlikely, because most protection tactics won’t effectively stop what’s likely to be the most dangerous mobile scam: mobile phishing. Think about it.

With all the different hardware players getting into the cellphone business, a whole lot of them are going to opt for the "open" platform -- that, incidentally, needs a heck of a lot of help when it comes to security. The sad truth is that smartphones are comparatively "soft targets" when it comes to malware and hackers.

Blog Home >
Mocana Website >

Hospital Cellphones Spread Superbug

According to a new study, mobile phones owned by hospital workers were one of the major sources of spreading the MRSA, an anti-biotic resistant Staph virus.

Researchers from the Faculty of Medicine at the Ondokuz Mayis University, Turkey, tested the phones of doctors and nurses in hospital operating rooms and intensive care units. They found that almost 95% were contaminated with bacteria of different types, potentially causing infections ranging from relatively minor skin complaints to life-threatening illness. Only 10% of staff regularly cleaned their phone. According to the authors, "Our results suggest cross-contamination of bacteria between the hands of healthcare workers and their mobile phones. These mobile phones could act as a reservoir of infection which may facilitate patient-to-patient transmission of bacteria in a hospital setting".

Read the article.

Latest Cell Phone Worm Tricks Users

As the second mobile worm found in the wild for 2009,

The malware is affecting S60 3rd Edition series devices, and has a valid certificate signed by Symbian tricking the mobile device user into thinking it’s a legitimate application. In terms of propagation, “Sexy View” propagates by collecting all the phone numbers from the infected device, and then SMS-es itself to all of them including a link to a web site hosting a copy of it.

With SymbOS/Yxes.A!worm or “Sexy View”, information is the main target.

What’s particularly interesting about SymbOS/Yxes.A!worm is that it appears that the worm’s main objective is to harvest information from the infected devices such as phone numbers, IMEI, IMSI, phone type and OS version. This data harvesting approach is pretty similar to that of email harvesting tools, and in the long term the harvested data will be monetized and resold to phone scammers whose activities are already driving the success of such site as WhoCallsme? and 800notes.

Read more.>

New Mobile Malware Silently Transfers Account Credit

ZDNet reports.

Five newly found variants of the Trojan-SMS Python Flocker mobile malware … allows users to transfer credit from the infected device by silently SMS-ing the providers credit transfer service with the desired amount of credit.

The scary part is:

For the time being, among the main reasons why we still haven’t witnessed an epidemic of mobile malware, is sadly because cybercriminals are making enough profit even without exploiting the fact that there are more people with mobile devices, than people with personal computers around the world.

Read the article. >