Protection services firms say more powerful handsets make the problem worse Benefits always come with risks. Take the internet, for example. Log on to it, but beware of viruses. Send an e-mail, but know that spam is what you will probably get in return. Shop online to avoid Saturday crowds, but remember all the phishing and fraud. The connected world of PCs is so bad that many experts believe users are turning their backs on benefits that are all but hidden in a haze of risk. Until last year, the world's estimated 1.5 billion mobile phone users were considered safe from the security concerns that now pervade the PC world. But all that changed in June, thanks to a relatively benign worm called Cabir that targeted users of certain smartphones running the Symbian operating system. Though it did no actual damage beyond announcing itself on infected phones and draining battery life scanning for other vulnerable handsets, the illusion of safety was shattered. The floodgates, said security companies, had opened. Cabir was so benign that users could prevent infection by pressing 'no' when given the option to download the file over Bluetooth. Even when installed in the applications folder, the phone's core functions remain unaffected. Skulls, a trojan also targeting Symbian phones, emerged in November and, while it reaped more damage on the phone's operating system, there was little danger of a mass outbreak because it could not spread. Last year also saw the first viruses targeting phones running the Windows Mobile operating system. As 'proofs of concept' these malware were dangerous, security companies said, because once source code appeared online other hackers would move in en masse to create something much worse. 'Already we have seen attempts to combine the severity of Skulls with Cabir's ability to spread - it's only a question of time,' said Matias Impivaara, director of mobile security services at Finnish firm F-Secure. He said F-Secure's mobile antivirus software now contained 20 database entries, most of which were variants of Cabir and Skulls. The emergence of mobile phones as hacker targets has brought many mobile security products to the market. Symantec Asia Pacific senior technical director Tim Hartman said a key driver in the mobile industry was the growing popularity of smartphones. Regular 'solid state' phones, meaning their operating system could not be altered, offered little incentive for hackers, he said. 'Handheld devices are beginning to pack a serious punch with full-blown operating systems,' he said. 'This means that applications can be loaded on to them that may or may not be malicious. [Also,] as bandwidth to handhelds improves and their use expands to business-critical applications we may see hackers and virus writers target this technology more than they currently do.' Mr Hartman said as handheld devices came to resemble computers, security issues that affected PCs would also affect mobiles. 'Most threats to the handheld online community will come from mobile code, such as viruses and worms, and basic phishing scams that trick the user into divulging personal information. 'Internet pests such as spam and spyware are also likely,' he said. 'The problem with the increased functionality of handhelds and phones is that ... the system is more open than it was before and therefore also more open to abuse.' Industry observers predict other trends in the computer industry will be replicated in the mobile industry. For example, just as internet service providers have added antivirus and spam filtering services to maintain service levels for their customers, so mobile operators will do the same. McAfee recently announced a partnership with Japan's NTT DoCoMo to provide virus protection for third-generation phones. Similarly, Finland's second-largest operator, Elisa, announced last October a wireless antivirus service to smartphone customers based on a solution by F-Secure. 'Operators have a business interest in protecting themselves and providing quality of service,' Mr Impivaara said. 'There are only two places calls will go when customers have a problem - to the operator and to the hardware vendor ... they have a vested interest in making sure the problem doesn't get as bad as in the PC world.' Security vendors certainly have a vested interest themselves in talking up the risk, but the statistics appear to be in their favour. Market analyst IDC predicted the market for mobile security software would grow 70 per cent yearly through 2008, reaching US$993 million. Nevertheless, the 20 items in F-Secure's database is a drop in the ocean compared with the almost 90,000 viruses written for PCs, while most mobile users remain unaffected until they upgrade to smartphones. Graham Cluley, senior technology consultant at Sophos, said: 'We have never received a report from a customer affected by a mobile phone virus. The biggest security problem at the moment with mobile phones is leaving them on the train.' How the Cabir virus spreads In a crowded public place, a hacker searches within Bluetooth's range of about 30 metres for mobile phones running in 'discoverable mode', sending the virus, disguised as a security file, to any vulnerable devices. The virus only becomes active if the recipient accepts the file and then installs it. If user clicks 'yes', the Cabin worm will activate and show a dialogue box containing the name the virus author wants to give the worm. Once the phone is infected it will continue to scan for other phones, even if the user tries to disable Bluetooth in the system settings. Many in the industry regard Cabir as a 'proof of concept' virus. But more sinister versions, such as one that comes packaged with the 'Skulls' trojan horse, turn display icons on the Symbian operating system into skulls.