Is your cell phone due for an antivirus shot?

Security software industry focuses on mobile phones but runs into resistance from service providers.

You can put videos, games, pictures and music on your cell phone. Is antivirus software next?

Programs that fight viruses have become a necessary evil on Windows PCs. Now the antivirus industry is turning its attention to mobile phones--but it's running into reluctance from cell service providers, who aren't so sure that the handset is the best place to handle security.

Verizon Wireless, one of the top U.S. mobile networks, doesn't see a need for its customers to install antivirus software on cell phones. "At this point, that is absolutely not required by individual customers," spokesman Jeffrey Nelson said.

But makers of security software are eager to get their products onto handsets, a huge potential market. About 812 million mobile terminals--such as cell phones and smart phones--were sold in 2005, according to market researcher Gartner. That compares with an estimated 219 million PCs in the same period. The market research firm expects annual mobile device shipments to exceed 1 billion units for the first time in 2008.

While the number of threats to cell phones is low, security experts and analysts agree that situation is likely to change. Gartner suggests a widespread attack could surface by the end of next year. In this period of quiet before the storm, antivirus makers and mobile providers disagree on the needed defenses. Without a solution, cell phone users could lose out.

More than 150 viruses that target cell phones have been discovered since June 2004, and tens of thousands of infections have been reported worldwide, Mikko Hypponen, chief research officer at security company F-Secure told session attendees at last week's RSA Conference.

That count, while it may seem high, is eclipsed by the number of PC viruses, which stands at more than 150,000, according to F-Secure research. So far, most cellular viruses have been created only to show that they are possible. They haven't actually been released into the wild. "Today, you are still much more likely to get hit by Windows malware then by any mobile phone threat," Hypponen said.

Even so, some antivirus makers are raising a red flag about mobile phone risks, saying that the number of attacks will likely change over the year or two, as more people get phones with advanced features that could be exploited by malicious software. "I think we're really at the tipping-off point," said David Rayhawk, a mobile threat researcher at McAfee.

In the hunt
Symantec, McAfee and F-Secure are the front runners in selling security software for handsets. Recently, Helsinki-based F-Secure announced an expanded relationship with Nokia to sell antivirus software to the handset maker's customers. Symantec has a similar agreement with the Finnish company, the world's largest manufacturer of cell phones. McAfee's software is installed on some phones in Japan.

In general, antivirus software makers foresee that their products will be on all handsets soon. "We estimate that in the future, every single phone will be running an antivirus system," Hypponen said.

That vision isn't shared by some U.S. cellular companies, which often sell phones alongside their service subscriptions. Verizon Wireless has made its resistance clear, and T-Mobile USA said that it is still investigating options. "We're in the process of understanding the marketplace to determine how our customers' needs are best served," a representative for the carrier said. "We are also evaluating potential threats to the handsets sold by T-Mobile and steps needed to mitigate potential risks."

Cell phone operators have typically focused on their network, rather than phones, as the place to try to thwart mobile virus threats. In moves invisible to users, they scan messages moving from one device to another to filter out malicious programs. Verizon Wireless, which has 51.3 million customers, and T-Mobile USA, which claims 20 million customers, both have scanners in place, representatives said.

"We filter for specific types of malicious code attached to MMS messages," the T-Mobile representative said, referring to multimedia messaging technology. MMS messages are photos, music and similar files sent between phones. "To date, there have been very few types of malicious code that affect cell phones. Nearly all have been associated with MMS messages, and we have been able to block them with our current MMS processing technology."

Commwarrior, which antivirus companies say is one of the most common mobile pests, spreads using MMS messages, sent over a cellular network or via Bluetooth short-range wireless.

Fortinet, which sells scanning tools to mobile phone operators, said that up to 10 percent of all the MMS traffic scanned is infected with a virus. Fortinet has seen a more than 500 percent increase in mobile phone pests, from fewer than 20 unique threats in 2004 to more than 100 in 2005.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

An iPhone 6 prototype has one week of battery life

Apple's September 9th event is official, Intelligent Energy builds an iPhone 6 that lasts one week without a charge and will your iPad take direct phone calls?

by Brian Tong