But that added functionality and ubiquity could make them prime targets for cyber-attackers in the future, if not today. Smartphones could become even more attractive to cyber-criminals because users might not focus on securing them as much as they do for traditional hardware.
Ron Meyran, director of security products at Radware, an application delivery and security company, believes there are three reasons why smartphone security often is neglected.
"I think today the threat is unawareness. The second thing is the fact that nobody treats the smartphone as a real computing platform but more as a gadget," he said. "The third is the fact that today, IT security managers are overwhelmed with the workload that they have, especially in the past two years. During the recession, they had been cutting budgets and the human factor -- they had to lay off people."
With less money and less manpower, IT security professionals in the private sector and government have to secure not only laptops and desktops, but also a slew of additional mobile devices. Meyran said not enough IT shops are doing both.
"The mobile device today has an operating system, communications stack, applications -- everything -- which makes it vulnerable just like any PC," he said. "Today we don't see many tools to protect smartphones."
Radware issued a statement in early August listing three threats to the unprepared:
- Handsets that can send and receive data are vulnerable to battery drain attacks, where they're sent packets of data that prevent them from going into sleep mode -- draining the battery faster than it would deplete otherwise.
- Malware can infect a handset and jump from there to the corporate or government network and bypass security measures.
- Botnets can target handsets as well and allow criminals to control the devices remotely in order to send spam and launch further network attacks.
"They simply want to maintain their service," Meyran said.