With mobile devices, the attack could theoretically come from thousands of compromised devices in the same region or country as a bank's customers, making it difficult for the bank to divert traffic without disrupting service.
"It's going to make it much more difficult when these devices are coming from the same exact place as your actual customers live," Pascual says.
To make it more difficult for hackers to compromise mobile devices, banks and retailers should educate customers about security on smartphones and tablets, Pascual says. In addition, organizations need to pressure carriers and manufacturers to release software updates quickly.
Such efforts will likely increase as carriers roll out apps to turn smartphones into electronic wallets. For example, mobile wallet apps are available for Android smartphones today from Verizon Wireless, T-Mobile and AT&T. The apps are only available to customers in Austin, Texas, and Salt Lake City.
As the apps get rolled out nationwide, security will have to be addressed at a much larger scale, Pascual said.
Sign up for Computerworld eNewsletters.