Hackers put smartphones on their next attack list

PUBLISHED : Friday, 06 January, 2012, 12:00am
UPDATED : Friday, 06 January, 2012, 12:00am


A computer security watchdog warned that hackers could make smartphones their next target, after it received a record number of security and virus alerts last year.

The growing use of cloud computing - where data is stored on remote internet servers - was also increasing vulnerability, the Hong Kong Computer Emergency Response Team's Co-ordination Centre said yesterday.

'Smartphones are still not adequately protected by security tools, and the awareness of individual users is still low,' said centre manager Roy Ko Wai-tak. Figures showed that as people became increasingly dependent on technology, hackers would target them and attempt to steal their personal information.

He said the centre received a record 343 security alerts from websites and software providers last year, up from 308 the year before.

'Attackers target platforms that gather more people, because that's where the largest amount of information is collected,' Ko said.

He expected smartphones and tablet computers to be involved in some major loss-of-security incidents. Social networks, such as Facebook and Twitter, would also probably be targeted.

'Other than security issues, it's also easy for people to lose their devices or have them stolen resulting in information leakage,' Ko said.

Users of mobile phones and computers who stored information on remote servers should be particularly careful, because once a server was hacked, a large pool of information could be stolen. Ko advised that sensitive information be stored locally.

While hacking alerts had risen overall, the centre said the number of security breaches reported by Hongkongers dropped to 810 last year from 980 in 2010, while reports of viruses dipped to 145 from 162.

More than a third of all reports were related to hacking. About 280 of last year's 810 security breaches involved phishing - a method of trying to trick people into revealing information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

Other incident reports concerned viruses, defaced websites, spamming, code injection and spyware - which records details of calls, text messages or the user's location.

The centre gathers information about computer security incidents to help local users and enterprises.