Log in

View Full Version : IBM: Surge in Viruses and Worms Targeting Mobile Devices... Anticipated in 2005


Darius Wey
02-10-2005, 08:00 AM
<div class='os_post_top_link'><a href='http://www-1.ibm.com/press/PressServletForm.wss?MenuChoice=pressreleases&TemplateName=ShowPressReleaseTemplate&SelectString=t1.docunid=7512&TableName=DataheadApplicationClass&SESSIONKEY=any&WindowTitle=Press+Release&STATUS=publish' target='_blank'>http://www-1.ibm.com/press/PressSer...&STATUS=publish</a><br /><br /></div><i>"IBM's Global Business Security Index report includes an early view of potential trends in 2005: Mobile devices such as PDAs and cell phones are the new frontier for viruses, spam and other potential security threats. Bluetooth and other wireless technologies that connect mobile devices pose new exposures for hackers to target."</i><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/wey-20050210-IBMVirus.jpg" /><br /><br />IBM have just released an interesting press release on the results of the 2004 Global Business Security Index Report. Among all the content, there was a point about mobile devices being the new target for viruses and worms - this year! At the moment, there is only a small bundle of malicious content targeting mobile devices, but this may increase in the not-too-distant future. Do you agree with IBM and believe that mobile devices will <b>soon</b> be the next target, or are they being over-ambitious at this stage? Let us know your thoughts.

Paoac
02-10-2005, 08:02 AM
Yes it will
Let us prepare!

gt24
02-10-2005, 08:25 AM
I think they are preparing to sell a pocket pc anti-virus solution... :)

On a serious note, viruses on the desktop are a HUGE issue because they are usually attached to the internet permantly. There is a conduit for viruses to come in and, upon infection, instantly spread again. Those are the keys, it infects, replicates, then destroys.

Viruses for the pocket pc will be few and far inbetween, until there is a virus that can spike Active Sync and infect pocket pc devices, but this is pure payload related, and not really likely to happen.

What I see happening, and I don't think this is soon, is adware will come to the pocket pc. Spike ActiveSync, it installs the spyware on every sync, and it displays pop-up like ads to tell you about this or that... and if you clean it off your desktop... how doe you clean it off your pocket pc?

Spyware has a goal on the pocket pc, viruses don't really have their goal fulfilled on the pocket pc... so, they won't be an issue...

Smartphones on the other hand.... well, those people might have to be wary... because if you can get data in from a cell connection, the virus has a way of leaving (even if it has to dial any number it can think of). Are you sure you want a smart phone? :) Viruses will be here, if anywhere... and it is going to happen, eventually.

My 2 cents...

saru83
02-10-2005, 09:10 AM
In my opinion, virusis will spread widely in pocket pc's coz actually i already have an antivirus which was realesed in may 04, so it have been for a while... never know what will happen but its gonna spread widely... :twisted:

Jerry Raia
02-10-2005, 09:33 AM
I think there is no question Pocket PC's will be a huge target for viruses.

madbart
02-10-2005, 10:26 AM
It has been sitting here as a target for the past 4 years untouched.......now with more and more of the units shipping with telephony it will definatley become more of a target.

Ah almost fogot.....did you read all the way to the bottom?
Just another chance for IBM to push their Global Services division. :roll:

"About IBM Global Services
IBM Global Services is the world's largest information technology services and consulting provider. Some 190,000 professionals in more than 160 countries help clients integrate information technology with business value -- from the business transformation and industry expertise of IBM Business Consulting Services to hosting, infrastructure, technology design and training services. Leveraging IBM's unequalled scope and scale, IBM Global Services delivers integrated, flexible and resilient processes -- across companies and through business partners -- that enable clients to save money and transform their businesses to be more competitive. For more information, visit www.ibm.com/services."

PDANEWBIE
02-10-2005, 03:02 PM
I have to tell you all this virus hype is really just a pain to me. I mean anyone who is careful about what sites they visit, actually read what emails they get, and don't download virus laden porn and warez onto their computers can be connected to the internet for YEARS without ever getting a virus themselves.

The problem isn't so much the virus makers as it is the fact that any Tom, Dick, and Harry out there can go plop down a couple of bills and take a computer home just to visit a porn site to then send a mass virus email to other unsuspecting users.

The funny thing is I have ran antivirus software for years but have never had 1 blocked or even scanned and had one appear on my PC.

Anyone else think there needs to be a Internet drivers test?

As far as PPC protection goes who is going to wonder if your standard Antivirus package will also scan for PPC viruses upon software download before install or will you be FORCED to buy yet another package?

Godsongz
02-10-2005, 03:38 PM
I don't see it as being all that much of a problem until our pocketable devices are MUCH more connected than they are now. My current devices (bluetooth/Activesync on the 2215 &amp; only AS on the 3835) are really in no danger, my next device which will likely have wifi and gsm/gprs will perhaps be a little more exposed but still not a big deal.

When our devices have the capability of always-on high speed wireless internet accessible anywhere that is affordable to the masses... then we're in danger and THEN I'll worry about it.

Jonathon Watkins
02-10-2005, 03:47 PM
I have to tell you all this virus hype is really just a pain to me. I mean anyone who is careful about what sites they visit, actually read what emails they get, and don't download virus laden porn and warez onto their computers can be connected to the internet for YEARS without ever getting a virus themselves.

Well, that used to be the case, but not any more. With the newer generation of port scanning viruses, you can get hit just by being on the Internet, if you aren't running a locked down hardware firewall.

I recently saw a report that if you connected a honeypot machine (Unpatched freshly installed Windows 2000 pro) to the Internet directly, the AVERAGE time to infection was of the order of 30 seconds. It's not at all nice out there! 8O

whydidnt
02-10-2005, 04:08 PM
I don't think 2005 is the "year of the virus" for Windows Mobile Devices. First off, there just aren't enough WM devices around to excite Virus authors. Same reason we don't see Viruses for MAC or Linux PC's.

2nd, last I knew, Pocket IE doesn't support ActiveX, a popular tool used to plant spyware, trojans, etc onto PC's.

3rd, Pocket Inbox doesn't even support HTML mail, plain text only. A mobile user would have to specifically tap and open a malicicous email attachment to run a virus, and the virus writer has no way of knowing the attachment will be opened on a Mobile device vs. an XP machine. (See #1 above).

4th, Most mobile devices, by virture of short battery life, are not connected to the internet 24x7, almost all connection to the internet is via some sort of proxy - WiFi, GPRS, etc.

This is a bunch of hype by companies that want to sell you AntiVirus software. I remember McAfee version 7.0 included Virus scanning for mobile devices, it insisted on scanning everything each time I ran ActiveSync, and it was almost impossible to stop it, even though I knew there were NO viruses that could be run on my handheld.

whydidnt
02-10-2005, 04:41 PM
I recently saw a report that if you connected a honeypot machine (Unpatched freshly installed Windows 2000 pro) to the Internet directly, the AVERAGE time to infection was of the order of 30 seconds. It's not at all nice out there! 8O

I've heard similar stories with XP machines, do you have a link to the report anywhere? It seems incredible that with the millions of connected IP addresses, that an uprotected machine could be identified so quickly. This would mean that every connected PC is getting hammered with a malicious Port scan on average every 30 seconds. WOW!! :cry:

Jerry Raia
02-10-2005, 05:10 PM
I recently saw a report that if you connected a honeypot machine (Unpatched freshly installed Windows 2000 pro) to the Internet directly, the AVERAGE time to infection was of the order of 30 seconds. It's not at all nice out there! 8O

I've heard similar stories with XP machines, do you have a link to the report anywhere? It seems incredible that with the millions of connected IP addresses, that an uprotected machine could be identified so quickly. This would mean that every connected PC is getting hammered with a malicious Port scan on average every 30 seconds. WOW!! :cry:

That happened to me about a year ago, without thinking I plugged my new laptop (XP) into the internet to downlowd all the security updates and was infected within about a minute. Just by connecting. :oops:

dmy
02-10-2005, 06:10 PM
Believe me.... I don't want to dredge up a different discussion that has been hashed to death, BUT....

I think we can all agree that as our PPCs become more and more connected, and more and more popular, that it's inevitable that they'll be targeted by viruses.

So why in bloody blazes isn't anyone upset that their PPD can be HARD RESET with a simple function call with NO USER INTERVENTION???? All it would take is for MS or for the Hardware OEM's to put in a simple confirmation dialog somewhere below the lowest-level system call that hard resets our devices and we'd be far more protected than we are.

As it is.... a PPC virus or trojan simply comes on to our machine, replicates, and then drops it's payload and poof.... everything is gone.

powder2000
02-10-2005, 06:18 PM
Some people say it jokingly but since they got out of the computer hardware business I can really see this as a push to market their software. It can and will happen, but still, I see this as an ad to both virus writers as well as end users. Just my 2 cents.

dmy
02-10-2005, 06:52 PM
Some people say it jokingly but since they got out of the computer hardware business I can really see this as a push to market their software. It can and will happen, but still, I see this as an ad to both virus writers as well as end users. Just my 2 cents.

Heh.... what makes you think that IBM is getting out of the hardware business??? There's a proposed merger with Lenovo Group of China for the PC operations, but the devil is in the details:
1. Lenovo has manufactured all of IBM's PC's for years now.
2. The so-called Sale would give IBM 20% ownership in Lenovo
3. Lenovo would move their PC Operations HQ to New York (IBM is also HQ'd in New York)
4. Lenovo would have all design and marketing operations in "Research Triangle Park" in Noth Carolina.... IBM's Design and marketing for their PC line are currently in RTP North Carolina.

-- And the real kicker --

5. in January 2005, Bloomberg reported that it's likely that the CFIUS will step in and block the "sale" due to national security concerns, specifically that "... members were concerned that Lenovo employees might be used to conduct industrial espionage."

So..... don't be counting those chickens quite yet.

ctitanic
02-10-2005, 07:39 PM
In my opinion, virusis will spread widely in pocket pc's coz actually i already have an antivirus which was realesed in may 04, so it have been for a while... never know what will happen but its gonna spread widely... :twisted:

But... AFAI Remember the first AV was released between 2001 and 2002, so we have been waiting for 2 years for these virus :D :D :D

Phillip Dyson
02-10-2005, 07:41 PM
Several people keep stating that "always-on" is some kind of virus requirement.

There are still a large number of dial-up computer users out there. I'm sure no one would agree that none of them ever got viruses.

It only takes the first person to say "Hey wouldn't this be funny ..." . Then the news or internet communities would give them lots of publicity.

Then from there .... "its on".

ctitanic
02-10-2005, 07:43 PM
I recently saw a report that if you connected a honeypot machine (Unpatched freshly installed Windows 2000 pro) to the Internet directly, the AVERAGE time to infection was of the order of 30 seconds. It's not at all nice out there! 8O

I've heard similar stories with XP machines, do you have a link to the report anywhere? It seems incredible that with the millions of connected IP addresses, that an uprotected machine could be identified so quickly. This would mean that every connected PC is getting hammered with a malicious Port scan on average every 30 seconds. WOW!! :cry:

Well, that happened to the company I working with the last year too. We have a firewall program but the owner brought his infected laptop and connected to our network and within 30 seconds I had around 20 machines with a warning message from NA in the screen.

The Yaz
02-10-2005, 08:11 PM
I would think that activestink would be more of a target of viruses in the future than the Pocketpc itself. My fear is that a virus would infect activesync and it would embed itself on all correspondence moved between the computer and the pda.

The AV would have to be set to scan outgoing mail to even warn you that there is a problem.

At least this problem wouldn't cause me to hard reset my Pocketpc each day...

Steve 8)

ctmagnus
02-10-2005, 09:50 PM
Anyone else think there needs to be a Internet drivers test?

:way to go:

Sven Johannsen
02-10-2005, 11:24 PM
Probably a good thread to re-emphasize backups. If you have a decent backup regimen, it is trivial to go back to yesterday, before the virus hit you. It's a couple of minutes to restore. Products like Sprite Backup can be set to do auto-backups at 3AM every day and save the last two, or three, or whatever. Still annoying, but not like trying to restore an XP machine.

Darius Wey
02-11-2005, 02:17 AM
I have to tell you all this virus hype is really just a pain to me. I mean anyone who is careful about what sites they visit, actually read what emails they get, and don't download virus laden porn and warez onto their computers can be connected to the internet for YEARS without ever getting a virus themselves.

Well, that used to be the case, but not any more. With the newer generation of port scanning viruses, you can get hit just by being on the Internet, if you aren't running a locked down hardware firewall.

Precisely. It's also worth mentioning that these days, email is becoming an increasingly popular avenue for viruses looking to infect innocent users. While it may not mean much for mobile devices at this stage, there is certainly a possibility that it may eventuate into a significant problem in the future.

jimski
02-11-2005, 07:10 AM
I get the impression that everyone just accepts viruses as a fact of life, sort of like roaches. Well you know these viruses don't come out of the ground, the are created by people

Why not have virus writers classified as "terrorists". Aren't they bringing harm to innocent people. A few well placed smart bombs and "poof", all gone. You can raise my taxes for that initiative.

How about breeding a generation of adolescent virus trackers. It's got to be more fun tracking down "real humans" (for virus writers I use that term with reservation) than acheiving the 10th level of some video game. Then us less gifted types can go drag the vermin out of their hole, tie them down to the nearest ant hill and spread honey over their finger tips (other parts of their anatomy optional).

That's the only way to stamp out viruses. The best firewalls and AV program's won't do it. Only the coming together of the entire World for a common cause will make it happen. OK, group hug time :grouphug: