RIM security chief sees smartphone attacks on horizon

A posed Blackberry Storm 2 smartphone is seen at the Research in Motion (RIM) headquarters in Waterloo, November 16, 2009. REUTERS/Mark Blinch

TORONTO/BOSTON (Reuters) - Hackers could one day turn ordinary smartphones into “rogue” devices to attack major wireless networks, Research In Motion’s security chief warned.

Scott Totzke, RIM’s vice-president of BlackBerry security, said hackers could use smartphones to target wireless carriers using a technique similar to one used in assaults that slowed Internet traffic in the United States and South Korea in July.

In what’s known as a distributed denial of service, or a DDOS attack, criminals use phone signals to order tens of thousands computers to contact a targeted site repeatedly, slowing it or eventually crashing it.

“I think that’s an area of concern,” Totzke said in an interview this week at the company’s headquarters in Waterloo, Ontario.

Totzke said a technique involving data packets might be used to bring down a wireless network, though hackers might accomplish that using a relatively small number of smartphones.

Malicious software that could launch such attacks would likely come from applications that smartphone users install on their devices, said Kevin Mahaffey, chief technology officer at Flexilis, a mobile security software maker.

Flexilis researchers have already identified virus-tainted versions of popular smartphone applications such as Google Inc’s Google Maps software and computer games.

“These are not telephones anymore. These are computers. So people are going to have all the problems on their phones that they have on their computers,” Mahaffey said.

The best way to protect against such an attack is through regularly applying security patches, which smartphone makers such as RIM release as they identify potential security flaws in their devices, Totzke said.

Reporting by Wojtek Dabrowski and Jim Finkle in Boston; editing by Frank McGurty