Mobiles: The next Net security threat

It may be useful and fashionable. But the cellphone in your hand may someday become a very dangerous weapon.

Computer experts around the world are worried that cellular phones may be the next biggest threat to the security of the growing world of the Internet.

Herve Bourgeois, European chief executive officer of Israeli firm Check Point Software Technologies, warned that computer hackers may take advantage of the lack of laws governing cellphones to launch attacks on the Internet.

"Personal computers are at present the weak link in Internet security," he told ZDNet, a computer news network. "Tomorrow, it will be the mobile phones."

Bourgeois is particularly worried about the Wireless Application Protocol or WAP which allows cellphone users to have an access to the Internet. Aside from generating more traffic, he said the WAP technology can provide hackers the medium to break into vulnerable networks and launch viruses such as the "Love Bug" which paralyzed millions of computers around the world early this month.

"Canny users can hack into vulnerable databanks using their mobile phones and store the information on laptop computers," he said. "Or they can unleash a virus before disappearing."

Unlike the present Internet technology where a user accesses the Internet through a telephone line and a modem, anyone using cellular phones could disguise his or her location while in the process of either unleashing a virus in cyberspace or infringing into a remote system's security settings.

At present, Internet users are easily tracked down because everytime they log on into cyberspace, their presence in the World Wide Web is always stamped with the Internet Protocol (IP) address that has been provided to them by their Internet service providers (ISPs). Besides, several ISPs have also been using the telephone dial-up identification technology to log and monitor Internet users.

But cellular phone companies in the country that sell units equipped with WAP technology have boosted their marketing scheme by providing pre-paid and pre-activated accounts, which is feared to be soon exploited by hackers to conceal their identities.

Prior to the attack of the "Love Bug" which was traced to the Philippines, authorities were tackling problems involving the abuse of cellphones, particularly in text messaging.

Messages reporting the alleged death of the Pope and former President Fidel Ramos spread like wildfire last month, triggering a debate on whether it was about time to enact a law regulating the use of mobile phones.

President Estrada himself has been annoyed with the obvious misuse of the technology since he, too, has been maligned in numerous text messages. He already ordered appropriate agencies to make a study on the effects of cellphone abuse to society.

The Department of Education, Culture and Sports earlier had banned the use of cellphones in schools after receiving reports that students were using the phones to cheat in their examinations.

But Bourgeois sees more danger from cellphones than just spreading wild rumors and passing on test answers.

He said hackers in the future could use these phones to steal vital information and authorities would never have a clue as to how they did it.

"Hackers using mobile phones would be much more difficult to locate as they could use stolen equipment and then destroy it after use," he pointed out.

Bourgeois noted that the only way to combat such future threats is for governments and businesses to invest in tightening their security.

This early, several banks in the country have opened their doors to mobile banking, meaning their accounts can now be accessed through cellular phones.

"Security systems will have to be loaded on mobile phones and passwords giving access to private networks reinforced, since these devices will soon be used for banking transactions," Bourgeois said.

Bourgeois' company has developed a software called Cyber Attack Defense System that provides additional security to banks and other companies with computer networks.

He said the new system "can automatically identify, analyze and prevent cyber attacks launched on an e-business Web site."

"The software is also capable of cutting off attacks by immediately blocking traffic from identified attackers," he said.

Bourgeois, meanwhile, said that if there was something good that came out of the ILOVEYOU virus attack, it was the realization that advanced networks are still vulnerable to even the most primitive viruses.

He said the billions of dollars lost to the "Love Bug" would pale in comparison to the damage that hackers in the future could wreak through their cellphones since the most obvious target would be important data contained in hard drives.

"The Love Bug cost several hundred million dollars in repairing e-mail addresses, but it's nothing compared to what future viruses could do to hard drives," he said. "People are now realizing that they cannot develop business in the Internet without security." --