Rogue mobile devices in your enterprise? RSA day one
- Wednesday, February 29, 2012, 10:06
- Threat Research
While our recent post on BYOD focuses on the prevalence and/or risk of inadequately trained staff potentially creating problems for the core IT infrastructure using their own personal devices for work, it seems others here at RSA are concerned with preventing the exact same thing, but from a different angle. I attended one “lighting round” talk by Rob Malan of Arbor networks and Aaron Turner with N4struct, where they outlined steps enterprises can take toward stopping scammers exfiltrating data, or possibly targeting key individuals' mobile devices, which might be used to gain critical competitive data, for financial gain, potential espionage, or snooping on top execs in your organization.
So how would the crooks do it? Good question. It seems that hackers have managed to figure out how to create a hacked GSM base station “tower” with some low cost hardware – about $5,000 worth – that can emulate a tiny rogue tower, potentially tricking users’ GSM mobile devices into communicating with the fake network, before forwarding the traffic on to the real one. In this way, some of the data transmitted by the device, including potentially sensitive data, can be captured for later use, and/or transmitted back to the mothership for the scammers. Though the talks centered around GSM, Mr. Turner said other technologies like CDMA are not immune from scams either.
So how do you stop