Smartphones Present Growing Security Problems on Campus, Report Says

October 12, 2011, 12:48 pm

As technology advances, so do the threats posed to its users and their devices. One growing area of concern for colleges, highlighted in a report released today by the Georgia Tech Information Security Center and the Georgia Tech Research Institute, is the increasing number of attacks on smartphones and their mobile Web browsers.

Smartphones’ small screen size and abundance of loosely monitored applications make them particularly vulnerable, says Mustaque Ahamad, co-author of the report, Emerging Cyber Threats.

“The resources we have on these devices are different from what you have on your desktop or laptop,” says Mr. Ahamad, who is the director of the Georgia Tech Information Security Center.

Small screens are a problem because they lead to reckless Web browsing. To free up screen space, the URL bar often disappears after the page loads, leaving the user unable to see the Web address after clicking a link. This makes it easier for a user to mistakenly land on a page containing viruses or other malware, including apps that can swipe user information.

Young people, particularly college students, Mr. Ahamad said, are at the forefront of smartphone users, possibly making them more susceptible to these threats. Because they are often more familiar with the devices, they may feel more comfortable than adults when taking risks with downloading apps and using the browser, he added.

This problem will become even more critical over the next few years as smartphone use increases. Mobile Internet usage is expected to outpace desktop Internet usage by 2014, according to the report.

“The sense is that smartphones are becoming more powerful,” Mr. Ahamad said. “They are really computers now, not phones.”

In addition to smartphone vulnerabilities, the report noted two other emerging threats aimed at capturing and exploiting user data from any kind of computer. These were search poisoning, or using search-engine optimization to make malicious links appear higher in a search, and the use of stolen cyber data for marketing. Botnets, which are networks of computers enslaved to one remote computer that generally promotes malware, are also becoming more sophisticated as users continue to share more personal information over social-media networks, making it easier to capture this data and sell it to the highest bidder.

Bo Rotoloni, the director of the Cyber Technology and Information Security Laboratory at Georgia Tech and another author of the report, said that we can no longer assume our data is protected by the network security systems.

“Our best defense on the growing cyber war front,” Mr. Rotoloni said, “is found in cooperative education and awareness, best-of-breed tools and robust policy developed collaboratively by industry, academia, and government.”

This entry was posted in Search Engines, Security, Social Networking. Bookmark the permalink.

22086364

Any suggestions a person can implement right now?
11272784

If you have an Android phone, install Lookout from the app store and it will scan incoming software for you….free. I’m sure there are other apps that also will scan incoming content.
3224243

Compounding the problems is that smart phones’ traffic moves on a network not controllable by the university (Verizon, AT&T, Sprint, etc). We can monitor and implement safety measures on our own networks but we are powerless over theirs.

An educational campaign should be the first step followed by heightened security on your own network so that you can take advantage of your own measures when the infected device logs in.
ntdavis52

Are there similar apps for Google based tablets?
srator

Notice the Blackboard Mobile ad high on the Chronicle Daily page today: “Uncover your students’ mobile usage patterns and expectations with a free mobile survey.” And a button to click. If an institution uses the survey, are students told? What access does this mechanism give to student phone use?
Marie M

Don’t use banking apps, or ever directly type your credit card number into the phone.
mbazemore

Our campus just hosted a lunch & learn on this topic. Thank you for the information.
mbazemore

Our campus recently hosted a lunch & learn seminar on this hot topic. Shows how important and timely your information is…. Thank you for the alert.
dank48

To whom does this come as a surprise?
http://www.facebook.com/profile.php?id=1126921205 Ed Williams

Be smart using yr smart phone — or bad things can happen.
Spencer Parkinson

As a Symantec employee focused on mobile security and management,
I concur with Mr. Ahamad’s comments in this blog post. As exciting as these
devices are, they do present a risk if left unsecured and unmanaged. The sad
truth is that we’re only beginning to see the tip of the iceberg in terms of
mobile threats. As more sensitive information is stored on smartphones –
especially financial information – cybercriminals are going focus on them even
more. This, along with a description of the monetization schemes behind current
mobile malware, is the topic of new research we just released this week. It
might be of interest to some readers of this blog post: http://bit.ly/rmYlrz.

Spencer Parkinson

Symantec
22024621

“Smartphones’ small screen size and abundance of loosely monitored applications make them particularly vulnerable, says Mustaque Ahamad, co-author of the report, Emerging Cyber Threats.”

This is where the iPhone, with its Apps that undergo a screening by Apple before being made available for installation, has a big advantage over Android phones whose Apps are available for installation with no quality control.
Socratease2

Perhaps to the Yamamano Indian tribe living in the deep Amazon rainforest? Probably some others as well.