RSA Conference Europe: No real solutions yet for mobile handset security

RSA Conference Europe: No real solutions yet for mobile handset security
RSA Conference Europe: No real solutions yet for mobile handset security

A former chief IBM security strategist has said that the security industry has not yet hit upon a real solution to protect mobile handsets from hackers.

 

Speaking at the RSA Conference Europe in London, Gunter Ollman, now vice president of research for Damballa, said that although the security industry has done really well in protecting the desktop, mobile protection isn't going to be any easier.

 

He said: “The fact [is] that you have end-users [who] have more access control than administrators in an organisation, the ability to download applications outside of the enterprise network, [and] erosion of perimeter defences. The strategy had to change from protecting what you can, into detecting when something does go wrong and having processes to immediately shut down the handset.”

 

He did reveal a snapshot of research that Damballa was working on with a US telco, which focuses on the criminals behind attacks and suggested that the mobile security threat might not be as dangerous as reported in the past.

 

Comparing data from previous security research from other companies, he said: “We're just not seeing that level. The number of handsets compromised and engaging with bad guys is considerably small.”

 

But he was clear that mobile threats were evolving, generally changing and modifying themselves to chase where the money is. But the criminals behind it don't.

 

Ollman said: “We're seeing the same bad actors. The same bad guys running the same crime routes on the operating system and mobile side. As they continue to develop malware, they are using the same protocols and destinations. That's good, because at least it gives me attribution around who the real bad operators are.”

Sign up to our newsletters