Roel Schouwenberg of Kaspersky Lab Americas made a number of either intemperate or prescient comments to USA Today. It may take a year to find out if he is a fool or a profit.
Schouwenberg predicts that hackers will make major assaults on the Apple (NASDAQ:AAPL) iPhone and handsets running the Google (NASDAQ:GOOG) Android operating system beginning in 2010. “The first malicious programs for these mobile platforms appeared in 2009, a sure sign that they have aroused the interest of cybercriminals,” he commented to the national newspaper. Google is scheduled to launch its own handset, the Nexus One, early next year.
The most often hacked and often attacked software products in history are certainly Microsoft (NASDAQ:MSFT) Windows and Office, although some versions of the software have proven more vulnerable than others. Microsoft regularly issues “patches” and in July went so far as to release a statement saying that its Office desktop applications suite, which has already been hit by cybercriminals, could still be vulnerable to attacks unless users take proper precautions.
Software security has become a multi-billion industry, particularly protecting Microsoft products. McAfee (NYSE:MFE) and Symantec (NASDAQ:SYMC), the two largest software security companies, had $8 billion in revenue between them last year. But, the PC and server worlds are still awash in spam, phishing attacks, and malware problems. The best that can be said about the two software security firms and their competitors is that the problems are not worse than they are already.
The mobile operating system and software businesses are not as mature as they are in the PC industry. The iPhone and its OSX operating system were only introduced two and a half years ago. Android-powered handsets have been widely available in the market for less than a year. Each platform has tens of millions of users and that figure is rising rapidly. Some experts expect another 40 million iPhones to be sold in 2010.
OSX and Android should be a bonanza for hackers and malicious software engineers. It is not clear why people who can disrupt operating systems do so. The reason is not likely to be to make money, although handsets are being used more and more often for banking and financial transactions. Attacks on widely used software are as often as not committed for political purposes or to disrupt global business or government systems. Hacking into Android or OSX probably does not satisfy any of those aims, at least for now.
That still leaves one of the primary purposes for malicious hacking which is simply to cause chaos. A software expert decides to disrupt a large technology ecosystem because he can. As Alfred said in the Batman movie “The Dark Knight”, “… some men aren’t looking for anything logical, like money. They can’t be bought, bullied, reasoned or negotiated with. Some men just want to watch the world burn.” The iPhone OSX and Android operating systems are vulnerable because they are popular and there may not be any comprehensive defense against that.
Douglas A. McIntyre