Cell Phone Worms, VoIP Fraud to Grow in ‘07
Cell phone worms and VoIP fraud are among the top 10 security threats to watch next year, according to a panel of experts assembled by the SA-NS Institute.
Cell phone worms will infect at least 100,000 phones in 2007, jumping from phone to phone over wireless data networks, the experts noted.
Malware aimed at mobile phones has been seen in the past, but it has not been considered a serious problem. That will change, contends SANS Director of Research Alan Paller.
To date, only 100 cell phones that have been attacked have become infected, he estimated.
Hackers have also begun penetrating VoIP servers and selling dial tone as if they were a phone company, noted Paller. “The hackers collect the money from the people that use it, while the company operating the servers gets the bill,” he said.
“A lot of medium-sized companies are putting in Voice over IP,” he observed. “They are doing it without any sense of security, so they’re easy pickings.”
In addition to cell phone viruses and VoIP attacks, other trends SANS recommends watching next year include the following:
* Laptop encryption will be made mandatory at many government agencies and other organizations that store confidential data.
* Targeted attacks will be more prevalent, in particular on government agencies.
* Congress and state governments will pass more legislation governing the protection of customer information.
* Spyware will continue to be a huge and growing issue.
* Zero-day vulnerabilities will result in major outbreaks resulting in many thousands of PCs being infected worldwide.
* The majority of bots will be bundled with rootkits.
* Network Access Control will become common and will grow in sophistication.
* Theft of PDA smartphones will grow significantly