February 21, 2002, 12:12 PM — Last year's wave of new virus attacks could be duplicated this year -- on wireless devices. "This is probably the future of all threats and viruses," said Leo Chan, product manager for Network Associates International (NAI) in Hong Kong.
Like their wireline cousins, wireless viruses can erase data or damage devices including mobile phones, personal digital assistants (PDAs), and laptops hooked up to wireless local area networks (WLANs). One of the first reported wireless viruses was aimed at the Palm OS, developed by Palm Computing Inc., and released in September, 2000. Subsequent viruses have been transmitted via short messaging service (SMS), and have targeted phones manufactured by Nokia Corp. and some SIM cards, said Chan.
"[Wireless viruses] are not so prevalent now because there are so many types of devices," Chan said, adding that in the future, the number of viruses and the rate of infection will increase due to cross-platform systems such as Java.
Early viruses have mirrored e-mail-based invaders. Received via SMS, the message asks the user to open it. Upon opening, the user's phone crashes, or the message is copied and sent to all mobile phone numbers stored in the user's phone book. Chan said that removing the viruses is not difficult for devices running on common operating systems, like Palm OS or Windows CE, but can be more problematic on mobile phones, which often use proprietary software.
Chan also expects the problem could compound itself as attacking these wireless devices could be particularly effective, said April Goostree, virus research manager at McAfee.com, because they are "applications that people don't associate with viruses."
"We have historically seen threats target the newest technologies" and these technologies should be no different, said Steve Trilling, senior director of research at Symantec Inc.'s Security Response.
Luckily, according to Goostree, "the solutions for all of these things are out there" in the form of antivirus software and personal firewalls. Unfortunately, many users either don't keep their software up-to-date, deactivate it or use it incorrectly, she said. "The tools are there, it's just a matter of getting people to use them," she said.
"I don't think it's of any greater concern than any other area," said David Sykes, director, northern Asia, Symantec Hong Kong Ltd., of the wireless threat. "The issue is user awareness," he added.