Government Technology

Mobiles Get Sick Too, and Other Cyber Security Issues


December 19, 2006 By

This holiday season, many people will be receiving new mobile devices. It is always exciting to unwrap the latest technology -- cyber criminals find it just as exciting as we do.

For many years we have used individual technologies for specific purposes: cell phones for making calls, PDAs for data storage, MP3 players for music. But the trend toward convergence leads to security issues which may have escaped notice. Mobile devices are just as susceptible to malware as computers according to Cyber Security: What Does the Future Hold? Webinar presenter Mark Fabro, chief security scientist with Lofty Perch Inc. At the Webinar, hosted by the Multi-State Information Sharing and Analysis Center, Fabro said that there are many viruses designed specifically for infecting mobile devices, such as a recently discovered BlackBerry Trojan.

Attackers use e-mail, Internet and other messaging connections to introduce malware into mobile devices. It is also believed that attackers will begin to use screensavers, games and rogue ring tones to gain access, as well as the possibility of using Bluetooth technology. There have already been instances of malware found on certain car navigation systems which utilize Bluetooth.

People must assume that their data will be targeted -- regardless of device -- and must therefore encrypt their information.

"We get paid to be paranoid," he quipped.

Fabro presented a list of must have components for personal encryption:

  • If data is stolen it should be mathematically improbable to be decrypted
  • Capability to easily create and manage keys for offline storage
  • Total directory encryption and on-the-fly decryption
  • A robust help capability
  • Capability to send secure packages with other users of the technology
  • Shredder functions and secure delete
So we decide to discard our old mobile devices. It is important to know that even if our personal information is deleted from a device, there is still the possibility that it is only de-referencing where the information is stored. A hacker could easily retrieve that information. In one case, Trust Digital was able to retrieve 27,000 pages of data from 10 used phones. The information discovered included credit card numbers, chat logs, e-mails and passwords.

Fabro explained that when discarding devices always remember:

  • "Hard resets are required
    • Return the item to factory defaults
    • Try 15 bad passwords to overwrite flash memory
  • Consider commercial secure delete tools
  • Don't store sensitive data on your phone such as banking or medical information and passwords
  • Back up personal information onto your computer (and encrypt it)
  • Set a strong password to lock the phone when you aren't using it for long periods of time and boot-up
  • Don't use a password that's easy to guess or the phone's default setting
  • Investigate policies that are available for your organization"
And make sure that the devices are DED by Degaussing, Erasing programs and Destroying data.

If all else fails, or even if it doesn't, we can always take more drastic measures to keep our personal information safe. (Fabro reminds people to wear their protective eyewear when taking hammers to their cell phones).


You may use or reference this story with attribution and a link to
http://www.govtech.com/security/Mobiles-Get-Sick-Too-and-Other.html


| More

Comments

Anonymous    |    Commented December 23, 2006

This article provides good information and suggest common sense actions to protect our information and the same time ends with a humorous safety note.


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

GovTech Papers and Case Studies View Library


Government Best Practices


Collaboration for the Public Sector


Collaborative Justice: Transforming Criminal Justice Services Through Unified Collaboration
This issue brief examines video collaboration in every stage of the human justice process, demonstrating how this technology can not only make services more efficient, affordable, and accessible.

Cloud-Based Services Accelerate Public Sector Adoption of Video Collaboration
Today, thanks to new cloud technologies and high-quality networks, mobile video services - which provide not only cost savings but which help governmental interactions become more efficient - are more feasible than ever before.

Modernization as a Service: Acquiring IT through Innovative Procurement

Five Ways Collaboration is Driving Government Performance

Mobile Video Collaboration: The New Business Reality
 

Government Technology
Public CIO
Emergency Management
Digital Communities