Airborne wireless viruses pose the next big security threat as wireless devices standardise formats and their usage grows, says Symantec chief John Thompson.
Hackers looking for kicks will attempt to destroy not only mobile business data but also the personal data stored on many personal digital assistants, he says.
Already this year the Palm.Liberty.A trojan virus deleted programs on handheld devices, and the Timofonica virus caused infected PCs to send text messages to randomly selected customers on Spain’s largest cellular phone provider, Telefonica.
“The problem is that the Palm operating system has been written, much like Microsoft wrote its system, as open enough so that people can write applications for it,” says Thompson, who is Symantec's president and chief executive, on a visit last week to Auckland.
“Well guess what, one of those applications could be a virus. As [wireless devices] become the most used device, hackers – mostly those who do it for fun rather than those who do it for real harm - they will target those devices as the next big thing.”
Symantec says this security risk is set to skyrocket as wireless protocols standardise, allowing larger scale attacks – for example, SMS technology may in the future allow programs to be sent, not just text messages – and as mobile devices are better able to access and use business applications within a network.
Today, most cellphones are not reprogrammable and portable devices are low on processing ability, limiting their vulnerability. The next generation, intelligent and programmable cellphones, which with 3G technologies will become “always connected”, and hand helds with higher processing power, will be more susceptible to infection.
Thompson, who joined Symantec in April 1999 after 28 years at IBM, most recently as general manager IBM Americas, said his research team had launched a public beta antivirus solution for Palm devices and is working on breaking down a number of new virus types. These include polymorphic viruses, where the core of the virus behaves the same but the rest of it changes and disguises itself, and 32-bit viruses, often called metamorphic viruses, which have no common pattern and are different each time.
Such security development work is part of Symantec’s new strategy, which Thompson introduced to turn the company around from slow growth. Symantec has sold non-core software products including the Act! contact management software set, and acquired four security-based companies.
Its rivals now include Network Associates, Computer Associates and New Zealand-based Marshall Software. Thompson says the acquisition of Axent Technologies, an enterprise intrusion detection specialist, will strengthen the company’s position and provide “huge opportunities” in the Asia Pacific region, where Axent currently has only a small presence and three employees.
But despite releasing results for the three months to September 30, 2000 showing revenue up 14% to $US192.3 million and net profit up 48% to $US45.8 million, the market was disappointed by corporate sales growing only 8% to $US86.5 million, below expectations.
Symantec will not be on the same strong acquisition trail this year, he says, but will be looking to make profits out of its acquisitions. As for stress on his shoulders - nothing to it, Thompson says. “I sleep like a baby - sleep for an hour, get up and cry for an hour.”