Mobiles are new hunting ground for cybercrime

Danger lurks under guise of favourite game or funny text message sent by friends to smartphones, with UAE phone users twice as likely to fall victim as people elsewhere.

UAE - Dubai - Oct 12 - 2011: An eirati man usisng his BlackBerry during GITEX Technology Week at Dubai World Trade Centre (DWTC) ( Jaime Puebla - The National Newspaper )
Powered by automated translation

ABU DHABI // The danger lurks under the guise of a favourite game or a funny text message supposedly sent by a friend to your smartphone.

The incidence of mobile phone users in the UAE who fell victim to cyberattacks last year was double the global average, a threat that experts warn will increase this year.

Ahmad Hassan, head of research and analysis at the Computer Emergency Response Team (aeCERT) said residents should think of their phone as a mini-computer that requires the same protections against viruses, malware and hacking.

Sensitive information including emails, financial information and passwords are typically stored on smartphones, and are becoming easy targets for cybercriminals.

In the UAE, 72 per cent of adults who go online have been the victims of cybercrime, three percentage points higher than the global rate, statistics released by the online security company Symantec last year showed.

About 20 per cent of all cyberattacks in the country occur on mobile devices, compared with 10 per cent globally.

"There is no one single mobile phone that is secure," Mr Hassan said. "How do we make sure that when I use my phone, no one will be able to access my information? How do I know my phone won't be hacked?"

Last year, the Abu Dhabi Police switchboard was flooded with thousands of prank phone calls over five hours after a BlackBerry spam message made the rounds in the UAE.

When the message was opened, the phone automatically called the emergency number 999, often without the user's knowledge.

Mobile cybercrime is rising worldwide but the trend is particularly alarming in the UAE, where having more than one handset is not uncommon.

"Your mobile phone is your life, if you think about it, and it's not protected," said Bulent Teksoz, the chief security strategist for emerging markets for Symantec.

Mr Hassan said aeCERT, the cybersecurity coordination centre for the UAE established by the Telecommunications Regulatory Authority, has only dealt with "a few cases" of mobile-related cybercrime, mostly related to malicious code embedded in downloaded applications.

But he said it was an issue aeCERT expected to see more of this year.

The centre will launch awareness campaigns that include school visits and presentations in the coming months, specifically designed to educate individuals and companies about mobile threats.

Symantec estimated the net cost of cybercrime in the UAE last year at Dh2.3 billion, consisting mainly of the value of time lost. It estimated the actual amount of money lost as a result of crimes at Dh770 million.

In the UAE it took an average of 16 days to resolve a cybercrime, well above the global average of 10 days.

The Symantec data was collected by interviewing nearly 20,000 people in 24 countries in an online survey.

People who use their smartphones to gain access to the internet in the UAE also far exceeded the global rate: 56 per cent compared with 44 per cent globally.

"Taking basic security precautions isn't enough," Mr Teksoz said. "You need an in-depth strategy, a multilayered strategy. We know there are more and more weaknesses being discovered and more and more threats being developed."

The UAE may be a target because of its stable economy and increasing connectivity.

Mr Teksoz said protection started with simple fixes. Smartphones should be locked with a passcode and users should turn off wireless or Bluetooth access when not needed.

"Don't click on any suspicious links or download any apps from third parties," he said.

Mobile cybercrime will probably take one of two forms, Mr Teksoz said. Either a malicious code will continually send texts to premium numbers, racking up a huge bill for the user, or a programme will send your information to a third party without your consent.