When I first began hearing of—and writing about—hacking and malware back in the early 1990s, little did I dream that one day I would long for a time when the problem was pretty much limited to screwball kids with too many brains and too much time on their hands. Alas, that day has come.
Cyber crimes have grown in number and sophistication over the years, and hacking syndicates have sprung up to take ordinary crimes like extortion to a new technological level. Still, the bad guys were somewhat limited by the tools with which they had to work, and some areas of computing were pretty much safe from attack (although I, and many others, warned that it wouldn’t stay this way forever).
Now comes the news that a new botnet has been developed that can potentially compromise all those “relatively safe” PDAs and Internet-ready mobile phones upon which so many of us have come to depend. Trend Micro noted recently on its blog that such devices have been thought to be safer from malware attacks because they operate on relatively closed platforms. In some of those platforms, this is enforced in part by mandatory code signing, which requires a third party signature to ensure that messages are not malicious.
Unfortunately, Trend Micro said it recently encountered a new threat to many mobile devices that appears as a legitimate application ACSServer.exe and calls itself Sexy Space, then steals the user’s subscriber, phone, and network information, and connects to a Web site in order to pass on the information. This new botnet—essentially a group of computers manipulated by a single source, often but not always malicious—can also send spammed SMS messages to the user’s contacts.
“All this would be worrying enough, but there’s an even bigger issue at play here,” says Trend Micro. “Both SYMBOS_YXES.B and an earlier variant [two popular mobile platforms] are signed programs. The signing process … is supposed to ferret out instances like this, but somehow this slipped through. It may well be a coincidence, but it does not reinforce confidence in the signing system.”
Now everyone is looking for the source, and there have been reports that the botnet originated from three China-based firms. While the political implications are disturbing (with numerous reports of malware attacks connected with China over the past few years), the prospects for data security are even more troublesome. If your enterprise has allowed integration of mobile devices in any form, you suddenly have a new problem to worry about—one that will not easily be solved.
Many in the insurance industry have balked at allowing access to their networks via mobile devices. These enterprises seem to have been proven wise in their conservative approach.
The flip side, however, is that now our technology industry will be forced to pay much more attention to data security and to develop more robust defenses. That trend should engender hope in our cautious insurance industry. Let’s see how the technology giants respond.
This article can also be found at InsuranceNetworking.com.
Ara C. Trembly is the founder of Ara Trembly, The Tech Consultant, and a noted speaker on and longtime observer of technology in insurance and financial services. He can be reached at ara@aratremblytechnology.com.
Be the first to comment on this post using the section below.