Can a Mobile Botnet turn your cell into a “Zombie” phone?

Can a Mobile Botnet turn your cell into a “Zombie” phone?

A Mobile botnet is described as a type of botnet that targets mobile devices, attempting to gain complete control of the device and its contents as well as providing control to the botnet originator. Based on research done by several top computer software security companies, mobile phone botnets are on the rise. Read more

How Vulnerable Are PED’s (portable electronic devices) Against a Hacker?

Most people are unaware of how easily someone can hack into their cell phone. There are devices that allow someone (hacker) to hack into your cell phone by just dialing the number. With this technology, they can also listen to your calls, read your emails and texts, listen to the phone’s surroundings such as conversations going on in the room, gain access to your photos and your social media information or any other information stored on your phone. They can even retrieve your password to your online bank account. Read more

RFID-What does that mean to you?

(Definition: (Radio Frequency IDentification) A data collection technology that uses electronic tags for storing data. The tag, also known as an "electronic label," "transponder" or "code plate," is made up of an RFID chip attached to an antenna. Transmitting in the kilohertz, megahertz and gigahertz ranges, tags may be battery-powered or derive their power from the RF waves coming from the reader.Like bar codes, RFID tags identify items. However, unlike bar codes, which must be in close proximity and line of sight to the scanner for reading, RFID tags do not require line of sight and can be embedded within packages. Depending on the type of tag and application, they can be read at a varying range of distances.) Read more

Security issues on the rise with the BYOD trend

Bring Your Own Device (BYOD) to Work

Surveys indicate that at least 90% of U.S. employees use their personal smartphones for work related tasks. While less than 50% of employees believe that their employers are prepared for security issues that could arise from bring your own device (BYOD) to work.

Almost 40% of employee’s portable electronic devices (PED) are not password-protected. Today, 1 in 10 employees access their own smartphone for work every week. Over 50% of employees access unsecured WiFi networks with their devices which is a known vulnerability.

BYOD Security Risks

It has been reported that some plug-ins and apps are allowing hackers to exploit devices that were connected to unsecured WiFi networks. Large numbers of phones with Bluetooth discoverable modes may still be on and most smartphone users have not disabled this feature on their devices. Hackers now can gain access to all information that has been stored or viewed on your device.

More and more people are using their personal PEDs in their workplace which can open up security breach issues for their employers. An RF shielded device can block incoming and outgoing signals, ensuring that your company’s information is not at risk.


Hacking PEDs Is Child’s Play

Are PEDs (personal electronic devices)  Safe from Hacking

If you think that PEDs (personal electronic devices) are safe while left unattended in a typical locker box during a secure meeting or SCIF read on……

Would you believe that a middle school child could be writing malware (software such as viruses or Trojans designed to cause damage or disruption to a computer system)? We know that kids are very curious and studies have pointed to kids of all ages becoming technically savvy at ages earlier than we expected; but would writing malware ever cross our minds?

It could start out as easy as kids trying to impress their peers by writing spyware and showing their friends that they can hack into their video game logins. This may seem insignificant at first, but some gaming accounts have credit card details allowing users to make gaming purchases. This shows how vulnerable our financial information can be.

Researchers have said, “You teach your children that you can’t take a toy without paying – so we think this type of a message needs to get to the kids when they’re writing software too.”

Compromise our “Mobility Data”

The technology that makes our life so easy allows others to compromise our “mobility data”.  There is a real need to protect our information since it is so simple for even a child to appropriate. Think about the level of protection that you need to protect your trusted information and the countermeasures that need to be put in place to protect that very information.


Cost of Cybercrime

Cybercrime can be felt on a personal level as well as on a national level. Discounting the need to protect wireless information can become costly. According to The 2012 Cost of Cyber Crime Study: United States key points include:

  • Cybercrimes continue to be costly. We found that the average annualized cost of cyber crime for 56 organizations in our study is $8.9 million per year, with a range of $1.4 million to $46 million. In 2011, the average annualized cost was $8.4 million. This represents an increase in cost of 6 percent or $500,000 from the results of our cyber cost study published last year.
  • Cyber-attacks have become common occurrences. The companies in our study experienced 102 successful attacks per week and 1.8 successful attacks per company per week. This represents an increase of 42 percent from last year’s successful attack experience. Last year’s study reported 72 successful attacks on average per week.
  • The most costly cybercrimes are those caused by denial of service, malicious insiders and web-based attacks. Mitigation of such attacks requires enabling technologies such as SIEM, intrusion prevention systems,  application security testing and enterprise governance, risk management and compliance (GRC) solutions.

It seems as though we are always a step behind “hackers”, so we need to take a proactive approach in protecting our wireless information. Becoming aware of the vulnerability and become more knowledgeable of the issues is the first step.

Definitions:

Cyber-attack-
an attempt to damage, disrupt, or gain unauthorized access to a computer, computer system, or electronic communications network.

Cybercrime-
the illegal use of computers and the internet crime committed by means of computers or the internet


New NIST Guidelines for Securing Mobile Devices

According to the National Institute of Standards and Technology, mobile devices must support multiple security objectives, including availability, integrity and confidentiality. This means they must be secured against different threats, which is why NIST recently published draft guidelines outlining baseline security technologies that the mobile devices must include to remain safe.

Businesses and governments are increasingly relying on different mobile devices, including smart phones and tablets. The devices become more popular with their increasing capabilities, making it even more important for them to remain cyber-secure. Read more


RF Shielding Strategies for Improving Wireless Security

Wireless LANs transmit RF signals beyond the walls that surround them and are vulnerable to signals from outside. These issues can potentially present security risks and efficiency problems. To protect the system and improve operations, RF shielding methods should be considered.

Fundamentals of Shielding

RF shielding inhibit the passage of RF signals through a building's walls and windows. Wireless LAN product manufacturers have been creating specialized rooms with Faraday cages for years for testing purposes. While these designs do an excellent job at blocking signals, their walls have to be built from the ground up. As result, this solution isn't practical for use outside of product testing.

When RF shielding is necessary at a facility, RF window films and shielding paint are often used. A wide selection of both products offers varying levels of protection between 40 and 80dB, the frequencies used by wireless LANs. After application of paint to walls and film to windows, a building has a good level of protection for security and performance purposes. Read more


Cell Phone Hacker Know Where You Are

With limited inexpensive gear hackers could readily find where you as well as your mobile phone are without you having any notion. At least this is the decision of a recent study out of the University of Minnesota.

It all rests on the basic fact that the mobile phone network has to monitor your mobile in just a certain broad range so resources can be prioritized by it to supply the greatest service possible. (Most people are aware of the fact that providers must give up such location information when subpoenaed by law enforcement agencies.)

Then when a call is available in to you, the broadcasting tower will send a signal to your phone and waits for you personally to respond. A hacker has the capacity to intercept that sign before you even hear it to be answered by the call. Read more


BYOD Smartphone and Tablet Security Guidelines

BYOD smartphone and tablet security policy guidelines as told by NIST

"Many mobile devices, particularly those that are personally owned (bring your own device [BYOD]), are not necessarily trustworthy. Current mobile devices lack the root of trust features (e.g., TPMs) that are increasingly built into laptops and other types of hosts. Read more