When Guglielmo Marconi first demonstrated wireless telegraphy in 1896, he probably did not foresee an era when the telephone would be wireless and subsequently utilized to facilitate global commerce. According to Gartner, the world is expected to have over 1.8 billion smartphones by 2013. Wireless and mobile computing represent the true convergence of cyberspace and the physical world.
Of course, one must respect the fact that there is often a dark side to convergence – and that’s clearly the case here. Any communication channel can be vulnerable to attacks against the confidentiality, accessibility and integrity of the transferred data. Open network technologies allow for faster, more widely distributed business, but create a fertile environment to commit crimes of significant magnitude and complexity with incredible speed. Simply put, Pandora’s Box was opened years ago when corporations allowed wireless devices into their secure enclaves.
The cybercrimes of today are not new in concept – fraud, theft, impersonation, denial of service and related extortion demands have all plagued the financial services industry for years. However, the widespread use of the Internet and emerging wireless technologies to carry out these acts has exposed everyone using information technology to crimes of greater impact and scope. In recent years, this “digital insider” phenomenon metastasized as the widespread compromise of corporate, financial and government IT systems increased with little deterrence.
Strategically, cyber attacks have evolved over the past year. New delivery vectors like Wi-Fi and mobile operating systems allow for greater illicit network access. Mobile risk is here to stay. In order to defend against the Advanced Persistent Threat (aka the digital insider) the United States government has issued a directive to all agencies regarding continuous monitoring defined in NIST special publication 800-37: “Continuous monitoring should encompass not only the traditional passive monitoring of security logs, events and incidents, but also ongoing proactive attack-based security testing on the live environment to gauge its ability to defend against and react to current and future threats.” The future threat of wireless infiltration is here.
Top Wireless Attacks on 4G
4G, the most exciting new technology in wireless to most mobile consumers, works to be more secure than its predecessors. Unfortunately, the system is still subject to major security vulnerabilities. Devices equipped with 4G experience backward compatibility issues since they also have 3G or GSM capabilities. This makes the devices vulnerable to issues inherited from 3G and GSM – and the same problem holds true when it comes to connecting to Wi-Fi. In Europe there have been instances of fake 2G base stations used to attack processors of 3G and 4G.
4G also has a roaming vulnerability associated with mutual authentication: a fake network can easily claim to be a “roaming partner.” Telecommunications companies in Eastern Europe have been rumored to exploit roaming vulnerabilities and claim higher roaming rates by boosting the power of towers in border regions to jam signals from neighboring countries. Finally, mobile devices are highly vulnerable to client-side attacks. The iPhone is particularly problematic as its use of 3G or Wi-Fi allows it to become a stepping-stone to sensitive secured wireless networks.
Mobile Risk Management for 4G
While in many ways more secure than 3G, GSM or Wi-Fi, 4G is vulnerable to the issues encompassed by those technologies due to backward compatibility issues; however, those can be contained by taking many of the mobile risk management steps recommended for those technologies. In order to address the problematic issues of client-side attacks and roaming vulnerabilities, an essential measure is to restrict exactly what devices are permitted to connect to the network.
Tackling this issue requires organizations to first understand the panorama of their wireless landscape. They can gain greater wireless situational awareness by obtaining capabilities for identifying what devices exist in their environment and conducting wireless penetration tests to ascertain the attack paths that can be leveraged into their infrastructure. Any critical attack pathways identified must be mitigated accordingly. Even approved mobile devices should be limited in their functionality of certain applications and processes particularly when near critical control systems and sensitive areas of your environment.
The exponential evolution of wireless technology has brought revolutionary change to the way that businesses and countries are run; it has ushered in the age of technology and significantly improved standards of living globally. Security vulnerabilities are not a reason to stop using wireless; however, users need to be situationally aware of their wireless landscape and conduct mobile risk management exercises on a frequent basis.