Report: Smartphones will become a way to attack otherwise protected devices

Smartphones will become an increasing menace to network security that could drop malware onto protected devices when they dock to sync or plug into USB ports to charge, security experts say in a Georgia Tech report.

Compromised smartphones will infect computers they may plug into for otherwise legitimate reasons, much the same way malware such as Stuxnet found its way onto laptops via thumb drives, according to the "Emerging Cyber Threats Report 2012" released at the Georgia Tech Cyber Security Summit 2011." It was presented by the Georgia Tech Information Security Center and Georgia Tech Research Institute. The report warns that "mobile phones will be a new on-ramp to planting malware on more secure devices." The document cites an anonymous industry source saying that "... someone who just needs to charge his phone can introduce malware as soon as it's plugged into a computer within that location." Other problems include the differences between laptop browsers and those used on smartphones. The latter display address bars fleetingly, leaving little time to observe the safety status of sites being visited, the report says. "If a user does click on a malicious link on a mobile browser," the report says, "it becomes easier to obfuscate the attack since the Web address bar is not visible." Finding information about SSL certificates a site may be using may be difficult if the information is available through the browser at all, the researchers say.