Emerging Threats in the Mobile Environment: Part Three

Before mobile carriers introduced unlimited messaging, large spamming campaigns via SMS (Short Messaging Service for text messages) or MMS (Multimedia Messaging Service) were simply too cost prohibitive. To reach mobile phones, spammers relied on traditional email messages sent via the data network.

On the data network, IT can detect and help guard against activity from bad IP senders and email domains, as well as track suspicious messaging events that exceed rate limitations on monitored email gateways. In addition to this layered defense system for smartphones on the data network, there are personal email blocking features for users, configurable through web portals or the handset itself.

Mobile Originated Spam

With the introduction of unlimited messaging, the wireless network suddenly became an affordable medium for spammers, and mobile originated (SMS/MMS) spamming was born. Given the increase of smartphone adoption and the continued success of spammers, consortiums on mobile security believe this type of spamming will evolve at an accelerated rate.

Currently there are limited device-level security features, and the in-depth network defense visibility found in traditional spamming does not yet exist in the SMS/MMS space. However, the security mechanisms and processes for SMS/MMS spamming are evolving at nearly the growth rate of such spamming. The development of  these mechanisms is vital to preparing for the looming SMS/MMS security threat and its potential impact.

For The Enterprise, This Impact Can Be More Than an Inbox Full of Nuisances:

  • Using messaging to send bots, worms or malware that proliferate and are able to steal (phish) or compromise data
  • Applying tricks like “spoofing” to make the message appear as if it originates from a reliable source.
  • Flooding corporate networks with massive amounts of junk mail that literally shut down service.

Spam Attack

As smartphone usage grows, cyber criminals are becoming more resourceful and adaptable. In one case, users received an SMS message instructing them to click on a web link included in the message. By so doing, unsuspecting users downloaded a worm. The worm allowed the cybercriminals to continue their silent attack by sending a replica SMS message to each of the user’s contacts.

In another instance, security researchers uncovered a memory corruption issue that existed in a maliciously crafted SMS message. Ultimately, the vulnerability could have granted a criminal the ability to do any number of things, including load unsanctioned code onto a smartphone, steal data or track the smartphone via GPS, enable the microphone for eavesdropping, or use the device as a platform to launch a botnet or a widely distributed DoS attack.

Securing the Mobile Enterprise (continued): Multi-Layered Security Strategy

In the next several entries, we will focus on an evolved multi-layered security strategy for the new world of mobile threats.  Since the mobile perimeter must be protected end-to-end as sensitive information is accessed, stored and transported across the enterprise, we will examine:

  • Endpoint Device Control
  • Moving Authentication to the Network
  • Centralizing Network Traffic
  • The Network as a Risk Manager

Make sure you take a look at Part 1 “Securing the Mobile Enterprise” and Part 2 “Attack of the Mobile Botnets” of the series.

The Networking Exchange Blog Team About NEB Team