A security hole in an increasingly popular technology for extending the range of cell-phone coverage may be a mobile spy station.
Network extenders are increasingly being offered by carriers to provide better phone reception in areas with a weak signal, including private residences. In fact, they’ve become a preferred solution for boosting signal in otherwise hard-to-reach areas. However, new research reveals that they may also be compromising the security of their network and putting customers at risk. At the recent Black Hat Conference, researchers demonstrated how a security flaw allows hackers to tap into mobile phones’ calls, texts and photos via the popular network boosters.So, how do you know if you are at risk or if your cell phone is being hacked?
Back from a recent trip overseas, a member of our sales team came into my office and asked this all too familiar question. Determining if a network-connected device, whether it’s a smartphone, a laptop, workstation, or server, has been hacked is a painful, yet common, subject in security. As security experts, we are perceived as the all-seeing eyes and ears into the shady world of IT attacks. But, in truth, many of the best exploits in the wild of the Internet today can go undetected for years until some indirect evidence arises indicating a security compromise.
This indirect evidence can manifest itself on smartphones in a number of ways. Unexplained text messages to contact list members, odd charges in call or data bills from your provider, and service disruptions are the low hanging fruit of sloppy attacks from spammers and other fly-by-night criminals. More sophisticated attacks from such as the Zeus-in-the-Mobile (Zitmo) bot can be used to siphon funds from bank accounts, or lead to follow on attacks against email or other services whose login and passwords were stored on a smartphone. However, the most worrisome attacks are the ones that never touch the phone at all, but target the networks a smartphone relies upon to communicate.
In order to improve our chances of detecting attacks against our companies’ vulnerable information, security personnel have turned to organizations such as the United States Computer Emergency Readiness Team (US-CERT) to keep abreast the latest vulnerabilities and pool information about attacks. Updates from US-CERT help security personnel identify at risk software and devices, and mitigate attacks soon after they’re discovered. A great example of these alerts can be found here.
As the vulnerability in the Verizon Wireless Network Extender shows, the network often remains the softest point of attack for black hats. At the recent Black Hat conference hackers demonstrated that for only $250, a hacker can exploit the vulnerable device described by US-CERT into a fake cell tower that secretly slurps up data from unwitting and uncompromised smartphones, including their voice, text messaging, and data traffic.
With an estimated 50 million network extenders, also known as femtocells, projected to be in use by 2014, it remains integral that users protect themselves from such attacks. Fortunately, tools exist to secure voice and text communications from prying ears and eyes like KoolSpan’s strong, FIPS 140-2 level 1 validated cryptography that thwarts attacks even in the face of assaults against a carrier network. Koolspan’s TrustChip can protect your mobile calls and data. Don’t leave yourself vulnerable to these attacks.