By Dr. James Marion
Faculty Member, School of STEM at American Public University
There was a time when cellular phones were not something that we thought about in terms in need of “Cybersecurity”. The only remote concern of cellular phone subscribers from the 1980s to the early 2000s might be the danger of someone listening in to phone calls. However, since cellphones are by definition continually being switched from tower to tower (or “cell to cell”), the likelihood of someone listening in was generally considered to be very low.
Now concerns about phone security are in the news and seem to be growing daily. So what happened? Why now?
How Smartphones Became Smart
From the inception of cellular phones in the U.S. and Europe, manufacturers developed phones around a single processor. This processor managed all communications with the remote cell towers while at the same time controlling all radio and baseband functions including power management, the display, and the keyboard. Each keystroke detected by the processor set up a communication session with a cell tower while at the same time displaying call information and opening paths for audio and radio frequency transmission. This was a large burden on a single processor. For this reason, user interfaces and associated features were supported by a thin proprietary operating system developed almost as an afterthought by manufacturers.
Growing competition led to the need for manufacturers to differentiate themselves by adding additional features and functions including larger color displays, synchronization with PCs, and games. This in turn drove the need to add an applications processor to the phone to support user interfaces that were growing in complexity. With the advent of a second processor, the architecture became increasingly complex and expensive to develop. Manufacturers began to see that it no longer made sense to try and devote significant resources to operating system development along with applications that were unique to a particular OS. The next logical step was a standardization of operating systems. Beginning with Symbian, and Nokia’s Series 60 platform, we saw the rise of Linux-based systems such as Android, the Microsoft OS, and finally Apple.
Open OS and Vulnerability
Standardized operating systems, unlike proprietary operating systems in earlier cellphones, provide sufficient critical mass in the marketplace to make them targets for malicious software. “Malware” is the term generally used for the type of software that might cause problems in smartphones. This is because technically speaking, smartphone operating systems do not allow the replication associated with viruses that infect personal computers. However, malware may come in the form of a piece of software that takes your contacts and passwords and performs actions such as sending unauthorized texts or emails. Since smartphones typically synchronize email and contacts with PCs—all of your contacts may be at risk.
How Can We Prevent Smartphone Security Breaches?
You will be better off if you protect your smartphone in the same way that you may treat your PC. This includes the following:
- Avoid downloading 3rd party software that is not approved by the store associated with your operating system (example: iTunes, Google Play).
- Avoid clicking on links in Websites in which you are not familiar.
- As always, don’t click on links in suspicious emails!
Although viruses per se are not something with which smartphones will be infected, malware offers the same concerns as you would have for your PC. This is because the smartphone has come a long way in terms of becoming more “PC-Like” with its standard operating systems and applications processors. So be careful how you use your smartphone!
About the Author
Dr. Jim Marion, PMP has 23 years of experience in developing products, managing programs & projects in companies including NEC and Panasonic. Dr. Marion holds a Ph.D. in Organization and Management, IT Management Specialization from Capella University, a Post-Graduate Certificate in Business Research Methods from Heriot-Watt University and an MS in Engineering from The University of Wisconsin-Platteville. He also earned an MBA/MSc. from The Edinburgh Business School of Heriot-Watt University. Dr. Marion is a certified Project Management Professional (PMP).
Online Degrees & Certificates In Cybersecurity
American Military University's online cybersecurity programs integrate multiple disciplines to ensure you gain the critical skills and management practices needed to effectively lead cybersecurity missions – from government or private industry. Learn from the leader. American Military University is part of American Public University System, which has been designated by the National Security Agency and the Department of Homeland Security as a National Center of Academic Excellence in Cyber Defense Education.