Bug watch: The real danger of mobile viruses

Bug Watch: Each week vnunet.com asks a different expert from the IT security world to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week's expert is Jack Clark, business development manager at Dr Solomon's, a division of Network Associates.

This week saw the arrival of the Liberty program, highlighting again the threat of a virus attack on mobile devices.

'PalmOS/LibertyCrack' is the first Trojan Horse (a specific type of malicious code) to attack a wireless environment. Disguising itself on websites as an enabler for the popular gaming application Liberty, users run what they think is access software for the game, but instead invite the Trojan onto their devices. Once infected, the Trojan has the potential to delete all applications on a personal digital assistant (PDA).

But before we all start reaching for the panic button, it must be made clear that if you are using your PDA correctly, all information and applications stored in the device can be reinstalled via a PC, so no long-term damage is done.

However, although Liberty could be seen as a relatively inoffensive piece of code, it represents a far greater threat. It is one more proof point, one step further down the line - a warning shot as to the real danger of mobile viruses.

There is apathy towards mobile virus code among vendors and ebusinesses alike. Mobile viruses are perceived as a pest at very most, and the jury is still out on the potential havoc they are capable of causing.

One thing is for certain though, mobile devices and operating systems are firmly on the agenda of virus writers all around the world who relish the challenge of entering the mobile market.

In order to predict the future we need to look as the past. How many organisations realised the importance of antivirus software after being hit by Melissa? How many more still hadn't learnt their lesson when the Love Bug struck earlier this year?

In ebusiness, being wise after the event is a painful and costly process, yet it seems to be the most popular choice for most companies where virus attacks are concerned.

The subject of viruses is an emotive one, capable of creating a great deal of concern. Too many alerts, and antivirus vendors are branded scaremongers; too many attacks, and they're considered ineffective.

But where there is new technology, there will be people trying to exploit its weaknesses as well as its strengths. As convergence becomes a reality, and mobile devices are able to house more and more sensitive information, the threat of malicious mobile virus code increases.

By keeping companies aware of the potential threat which these viruses pose, and of new developments as they occur, maybe we can stop learning the hard way.

Next edition: 8 September