Thursday, May 19, 2011

AusCERT 2011 Conference — Smartphones: the perfect bugging device

Security experts at the AusCERT 2011 Conference in Queensland this week warned that serious attacks on mobile phones are expected before the end of this year, and that those attacks will involve tracking users, not just stealing their money.

On Wednesday, Amil Klein, CTO at Trusteer, explained how mobile malware has evolved to a stage where it can now bypass most banking security.

Graham Ingram, the general manager of AusCERT, backs this up.

"The genie is out of the bottle. The hardware is there, the software is there, the capability is there ... these guys will turn it around quickly, now. They know what to do, as soon as the reward is there — and it is clearly there — they will move rapidly into it, and I think that is going to shock a few people because we will wake up one morning and it will all be happening."

But it's not just users' bank accounts that are at stake; modern smartphones make the perfect bugging device.

The implications of being able to turn on a remote device that has the capacity to look at emails, geo-locate users, look at SMSes, listen to phone calls, record meetings and even turn on a camera are stunning. Intelligence agencies with these capabilities with a remote "on" button would be ecstatic. (more)