In a recent article published by the Homeland Security Newswire, it was brought to our attention how a familiar type of personal computer security threat (“rootkits”) can now attack new generations of smart mobile phones.
For many readers of this website who are also active members of or consultants to any organization’s information security and risk management team(s), we believe this topic is one that should be addressed in their next network security assessment meeting. And, if found to be a medium to high risk level, then, more importantly, this particular risk should become part of the company’s network security policy as well.
This article states that unlike viruses, this type of malware known as “rootkits” attacks the heart of a computer’s software – i.e. its operating system. And, unfortunately, this article also claims that this malware can only be detected from outside of a corrupted operating system with a specialized tool known as a virtual machine monitor. This tool does exist for desktop computers, but, because of the current lack processing resources, a portable smart phone cannot support this tool.
Another claim from this article involves results of recent research demonstrating how under such a malware attack, an individual’s smart phone could be used to eavesdrop on a meeting or rapidly drain its battery so as to render the phone useless.
With so many companies now or planning to integrate the use of new smart phones into their internal sales, distribution and administrative processes, we believe that this malware risk needs to become a consideration for inclusion into many information security plans.
CLICK HERE to read the full article.