The Latest Hacking Tool: The Smartphone
Insurance Experts' Forum, October 20, 2011
The idea that technology is developing at a speed far faster than our ability to cope with it has been frequented in this blog. Specifically, as we move on to new devices, we are unexpectedly faced with inherent challenges spawned by those devices.
A recent posting on ScienceDaily reports that hackers could potentially use recent models of Smartphones to track what a person is typing on a keyboard just inches away. As the article notes, many of us undoubtedly have the devices nearby—in our pockets or on our desks—while working at our office computers.
According to the posting, a research team at Georgia Tech has discovered how to use a Smartphone accelerometer—the internal device that detects when and how the phone is tilted—to sense keyboard vibrations and decipher complete sentences with up to 80 percent accuracy. The procedure is not easy, but definitely possible with the latest generations of Smartphones.
Admittedly, it is not likely that many such attacks will take place in the near future on insurance or financial enterprises, much less elsewhere. But like many hacking technologies, it is likely to evolve to a point where it presents a much more immediate danger. The real issue here is one that insurer and financial services IT executives have been struggling with for several years—namely, which devices do we allow to access our enterprises?
Of course, anyone could carry a Smartphone into work and carelessly place the unit so as to allow remote hacking by someone with enough interest and fortitude to go through this particular process. That would just be a matter of chance, however. I am inclined to think that the real threat is from corporate spies or simply disgruntled employees who want to steal vital information (passwords, account numbers, confidential memos, social security numbers, etc.) for ill-gotten profit or for plain old revenge. How difficult would it be to place a Smartphone near the computer of a colleague who was dealing with such sensitive information? Not terribly challenging.
So while the threat from newer Smartphones may not be imminent, we must keep it in mind as we look to secure the volumes of confidential data with which we deal in our industry. It is already well known that, for a variety of reasons, wireless computing devices like Smartphones present security risks to our enterprises and data. The new Smartphone hacking technology just adds fuel to the fire in the debate over what devices should or should not be allowed inside our corporate walls or inside our networks.
It may well be that we will see some companies literally requiring their employees to leave their Smartphones or other devices at the door as they enter. IT executives must weigh the risks of allowing wireless devices in the business environment against the clear popularity of such devices with their employees. And in the insurance game, “risk” is a dirty word.
Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.
Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at firstname.lastname@example.org.
This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.
The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.
Add Your Comments...
If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.
You must be registered to post a comment. Click here to register.