Once a Safe Haven, Hackers Set Sights on Mobile Phones

Mobile phones, long seen as safe amid rising threats to computer security, have become a key target for hackers and an increasing worry for corporate IT departments.

While the first mobile virus dates back to June 2004, risks from hackers remained limited because of the relatively small size of the market.

But this has changed recently with the surge in the smartphone segment, which this year outgrew the PC market, and the new dominance of Google's Android software.

The emergence of mobile payments, which allows shoppers simply to swipe their phones at a cash register, is whetting the interest of hackers and data thieves.

"Mobile security has become a major concern since smartphone transactions are now of much higher value, including corporate data access, managing personal finances and online purchases," said Steven Nathasingh, chief of U.S. research firm Vaxa Inc.

Most consumers have not protected their smartphones. Fewer than 5 percent of smartphones and tablets are installed with security software, according to Juniper Research.

The research firm expects to see a surge in demand with the total annual market for mobile security software growing to $3.6 billion by 2016.

"With more and more mobile devices being hijacked without the owner's knowledge, the risk of identity theft and personal financial loss is intensifying," said Peter Davin, chief executive of Cryptzone.

A study by consultancy Deloitte this week showed that companies in the technology, media and telecom sector expect data stored on staff mobile devices to be their biggest security headache in 2012.

"Employees should be made aware that using a personal device to access corporate data may also have personal implications," said Cryptzone's Davin. "For example if the device is lost, stolen or clandestinely taken over, the organization may decide to wipe data."

In the United States alone, 113 mobile phones are lost every minute, according to research firm Gartner.

For most attacks criminals would need to install software on a victim's phone.

But at a hackers' convention this week Karsten Nohl, a well-known expert on mobile phone security, demonstrated how to get remote control of a phone and sent text messages and made calls from phones to which he had no access.

Nohl used a vulnerability in the GSM network technology -- which is used by billions of people in about 80 percent of the global mobile market -- which operators can patch in their networks, but which is not done by most carriers.