A security firm in
The move follows a report by
"We've been asked the question by oil and gas and large investment companies," said
"They send employees abroad and have concerns that employees are coming back with infected devices that are then connecting again to the corporate network."
When people travel to a new country, with a new carrier network, they can be susceptible to spyware.
The settings of most smartphones can be adjusted remotely by the carrier network, often without the user knowing.
In some cases, the network can push a phone to download a malware application, which is then installed.
"The two ways you can infect this phone are either state-sponsored, where you go through the national operator, or well-funded espionage, or corporate espionage, where you're looking at infecting systems through fake base stations,"
Mobile phones and other wireless devices connect to the internet through a base station, provided by the national carrier. Most mobile devices will connect to the strongest signal, which is often the nearest base station.
But corporate hackers get around this by tricking phones into connecting to fake stations.
"I park outside your office and I push the power of my base station higher than the local station,"
"Your phone automatically roams on to my base station. The data is transiting through my base station. At that point, my base station is basically a god to your phone."
Tight regulation from
To combat this, Whispering Bell is working with a US-based company, IntegriCell, which has designed a hardware security module that constantly monitors phones for any evidence the settings have been altered remotely.
If changes are detected from the 'gold build' – the model of the phone as it is supposed to work on a local carrier network – it will reset the phone.
"Smartphone integrity is a global problem," he said. "As long as valuable information is stored on these communications devices, there will be people interested in getting access to that information."
But the real threat, he said, was from corporate hackers.
"The non-government actors in the smartphone attack space have been much more innovative than any national intelligence service," he said.
"For example, the data harvesting that takes place on the back-end of free games that people install on the devices is much more prevalent than any sort of targeted smartphone attack perpetrated by some country's spy agency."
Data that can be harvested from the phones of senior corporate executives is often highly sensitive,
"If you have access to oil and gas-flow information, you're able to start hedging on the next day's commodity prices," he said.
"If you have information from companies involved in mergers and acquisitions, you're able to pass information to competitors. There are companies that specialise in this, and it's big business."
Most Popular Stories
- Twitter Names Woman to Board
- Aspen Contracting Adding 300 Jobs
- NSA Tracks 5 Billion Cellphone Records a Day
- Nelson Mandela Dies After Momentous Life
- U.S. Unemployment Rate Dips to 7 Percent
- Consumer Spending Rises, Incomes Fall
- Fast-Food Workers Want $15 an Hour
- Roybal-Allard Tours Gordon Brush Plant
- Ford Mustang Still Packs Power
- W.H. Corrects Itself on Unclegate