With the proliferation of smartphones, tablets, and other mobile devices, it is important to enjoy their benefits while remaining vigilant about the security issues that go with their use. Fully 40 percent of all Internet activity is now conducted not on a traditional computer in one’s home or business but rather on some kind of mobile device.
An example of security problems that can arise was brought to light when Mat Honan, a Wired reporter, revealed that he had been the victim of a mobile security breach. That a seasoned reporter for a magazine like Wired could be hacked raises concerns about cell phone privacy for consumers and service providers alike. Honan said that his Google, Twitter, and AppleID accounts were hacked into, compromising his personal information. He took much of the blame for this incident, saying that he had linked his different accounts together, which was probably how the hackers were able to access his information across so many venues.
While Honan admitted his personal security strategy was not ideal, the hacking incident still raises concerns for Apple. The company has since taken steps to put their privacy and security methods under closer scrutiny. According to CNET, Apple recently suspended users’ ability to reset their Apple ID passwords directly on their phones. This action will not be permanent, but will likely remain in place until Apple can resolve the issue and determine if it is necessary to make this function more secure.
“We’ve temporarily suspended the ability to reset Apple ID passwords over the phone,” Apple spokeswoman Natalie Kerris explained in an email, according to Wired. “We’re asking customers who need to reset their password to continue to use our online iForgot system (iforgot.apple.com). This system can reset a password in one of two ways – either have a password reset sent to an alternate email address already on record or challenge the customer to answer security questions they had previously set up. When we resume over-the-phone password resets, customers will be required to provide even stronger identity verification to reset their password.”
Mobile privacy is a major concern, as a growing number of consumers are using their cell phones to conduct banking and other monetary transactions and access personal information. Most cell phones and smartphones have options to help users protect their information, such as screen lock controls that require a password to gain access to the device. This can help prevent hackers from accessing the phone should it be stolen or lost.
It is also wise to remove any personal information from a device, such as bank account numbers, passwords, addresses and other data that could be used inappropriately by criminals. Even keeping a cell phone linked to an email account is not a good idea, as this could give a thief or a hacker access to other information.
The problem is that what a thief once had to break into someone’s house to steal is often now readily available on their cell phones and tablets. With so much personal information sitting within range on a coffee shop table or in your pocket, you shouldn’t be surprised there are enterprising hackers taking advantage of the situation.
“We’ve noticed a 900 percent increase of malware for mobile devices that run the Android OS” in the past year, said Catalin Cosoi, global research director at Bucharest, Romania, security firm Bitdefender. “Although some of the samples are oriented towards profit, by sending text messages or phoning to premium-rate numbers, the wide majority [are] focused on extracting personal information from the device, such as contacts, text messages, browser history and GPS location.”
Cosoi warns of four common avenues of cell-phone hacker attack:
Baseband Hacking: A sophisticated technique for intercepting cellular calls, baseband hacking exploits vulnerabilities in both iPhones and Android-based smartphones. These attacks use the phone’s baseband processor to turn it into a listening device that allows the intruder to eavesdrop on conversations.
Bluetooth Snooping: Bluetooth device-pairing default passcodes for smartphones are usually “0000” or “1234.” Many users never change the defaults, and that’s a mistake that can give an attacker access to all your messages, contacts, and passwords.
The One-Minute Attack: Smartphones are always on, which means that a smart hacker can attack quickly and get out before the victim is aware anything is wrong.
Android.Spyware.GoneSixty.Gen: Once installed on a phone, it sends all messages, recent calls, browsing history and other information to a remote location and then uninstalls itself. All this takes place in less than sixty seconds.
©2012 Off the Grid News