Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Threat Evolution in Wireless Telecommunications Frank Quick

advertisement 
International Telecommunication Union
Threat Evolution in
Wireless
Telecommunications
Frank Quick
Sr. Vice President, Technology
QUALCOMM Incorporated
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
Industry Data (Worldwide)
ITU-T
o In 2002, there were
• 570 million installed PCs (Gartner)
• 1132 new viruses discovered (Symantec)
• 105 computer virus infections per 1000 PCs
(ICSA labs)
o In the same year there were
• 1.1 Billion cellular phone users (Yankee
Group)
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
2
Today’s Mobile Phone
ITU-T
o 100+ MHz processor
o 10+ Mbytes flash memory
o Medium-bandwidth IP connectivity
o Downloadable applications
• Have access to user data
• Can initiate data connections
• Can send arbitrary IP packets, SMS
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
3
Tomorrow’s Mobile Phone
ITU-T
o 1000+ MHz processor(s)
o 100+ Mbytes flash memory
• More if socket provided
o High-bandwidth IP connectivity
o Broadcast content reception
• Digital Rights Management
o Downloadable applications
• Wider range of functions
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
4
The Mobile as Computer
ITU-T
o Mobile phones can now do most things a
PC can do, therefore:
o Mobile phones will likely become a target
for malicious code, as have PCs.
o To date, only a few such attacks have been
discovered for mobiles; however,
o It would be unwise to assume this is
because mobiles are less susceptible than
PCs.
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
5
Attacks on Computers
ITU-T o Motivation
• Peer prestige, revenge, profit, theft
o Objectives
• Disruption, spyware, trojan software
o Methods
• Self-propagating viruses and worms,
infected files and applications (e.g. games)
o Access
• Internet, messaging, over the air
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
6
How Weaknesses Are Found
ITU-T
o An attack often begins by finding a
repeatable way to crash a platform
• Generally, attacks aren’t created by
analyzing source code – usually not
available
• The binary code, on the other hand is
accessible in the .exe file
• (For many phones, binary code is also
available via diagnostic ports.)
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
7
How Attacks Develop
ITU-T
o The attackers share information about
weaknesses
o A more sophisticated attacker looks at the
binary code to see what causes the crash
• E.g., if it’s a buffer overrun that overwrites
the stack, it may be possible to modify the
input to execute arbitrary code
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
8
How Attacks Grow
ITU-T
o Once an exploit is developed, it is often
made widely available on the Web
• Documentation of the vulnerability
• Attack scripts and source code
o This allows many variant attacks to be
created, making prevention difficult
• Virus-checking software updated often
• (Bandwidth limits make this expensive for
mobiles)
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
9
Differences: Mobiles vs. PCs
ITU-T
PCs:
Mobile phones:
o Many PCs use the same
o Diverse OSs, but
brand Operating System
o PCs can run both the code
under attack and the
attack software
converging
o Phones can’t directly run
attack software (special
hardware often needed to
extract binary code)
o Other channels are
available for spread (e.g.,
SMS, false base stations)
o Denial of service can shut
down a cellular system
o Attacks are spread by IP,
email or web access
o Denial of service affects IP
services
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
10
The Changing Mobile
User Environment
ITU-T
o In the past:
• Attacks on mobile phones were detrimental
to both the user and operator (cloning)
• Attacks targeted individual phones
o In the future:
• Attacks may be initiated by the user
(cloning, defeating security)
• Viral attacks may target a large population
of mobiles
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
11
Why would a user hack
his/her own phone?
ITU-T
o Upgrading
• The user obtains a better phone (perhaps
stolen) and wants to clone the existing
subscription without paying the carrier.
o Digital Rights Management
• Users want to share files, games, etc.
without paying
o Subscription lock
• The user wants to change operators
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
12
Consequences
ITU-T
o Users increasingly see the operator as an
adversary
o Users may unwittingly become victims of
secondary attacks
• Defeating security features often opens a
path for attack
• Cloning may be accompanied by trojan
installation
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
13
What should manufacturers do?
ITU-T
o Proactively address vulnerabilities
• Automated code reviews
o Develop protocols to update software
after sale
• Preferably by broadcast
o Migrate to secure, trusted platforms
• Prevent core software modification
• Authenticate downloads
• Protect security information
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
14
Can manufacturer efforts suffice?
ITU-T
o No.
• The defender’s problem: any vulnerability
can open an attack
• A perfectly secure platform may still be
vulnerable to insider attacks
• Software updates may be impractical given
the large numbers of mobiles
o Conclusion: operators cannot rely on
manufacturers to prevent cyber attacks
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
15
What can operators do?
ITU-T o Install firewalls
• Isolate critical servers from mobile data
• Block direct mobile-to-mobile packets
• Perform ingress filtering: block mobile
packets with bad “from” IP addresses
o Strengthen and automate responses
• Disable infected mobiles
• Isolate infected subnets
• Scan SMS and other network messaging
• Consider using broadcast code updates
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
16
What won’t work
ITU-T
o Virus scans on phones
• Updating definitions is too expensive
o Virus scans on incoming IP packets
• Encrypted VPN connections prevent
examining the contents of IP packets
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
17
Will operators take action?
ITU-T
o Operators are reluctant to spend for a
threat that has not yet materialized
• Cloning fraud reached double-digit
percentages of revenues before
authentication was deployed
o It is to be hoped that operators will at
least make contingency plans
• ITU-T recommendations could promote
planning
dates
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
18
Conclusions
ITU-T
o Mobile phone computing power and
o
o
o
o
dates
connectivity is approaching that of PCs
Self-propagating viruses and worms may be
possible in mobiles in the near future
Manufacturers should strive to minimize
vulnerabilities to such attacks
Operators should prepare to take
defensive measures
ITU-T recommendations may be useful
ITU-T Cybersecurity Symposium - Florianópolis, Brazil, 4 October 2004
19
Related documents
Document No ___ 21-22 May 2008 Original:________ TELECOMMUNICATION
Document No ___ 21-22 May 2008 Original:________ TELECOMMUNICATION
SE– x October 2012 English only Original: English
SE– x October 2012 English only Original: English
Download
advertisement