BlackBerry Security Exec Warns of Smartphone DDoS Attacks
Research In Motion's VP of BlackBerry Security says he's concerned that online miscreants could increasingly target BlackBerry devices and other smartphones in the future, in attempts to take control of the handsets and employ them to bring down wireless carriers' cellular networks via distributed-denial-of-service (DDoS) attacks.
By Al Sacco
Managing Editor, CIO
BlackBerry and smartphone security in general hasn’t garnered much attention or concern over the past few years–at least from a consumer, or user, perspective; enterprises have been invested in mobile device security since the advent of the PDA.
This plethora of new smartphone users means the potential for gain by hackers or other online baddies looking to crack smartphone security measures is drastically increasing; The more smartphone users, the more devices that could potentially be commandeered and used in various attacks. That means smartphone users are going to have to smarten up when it comes to mobile security awareness and be more vigilant in spotting and stopping potential problems before they happen.
Scott Totzke, RIM’s VP of BlackBerry security, agrees, and he recently spoke with Reuters on the subject.
Totzke told Reuters that he’s concerned compromised or “rogue” smartphones could be used in the future to target and bring down wireless carrier’s cellular networks via distributed-denial-of-service (DDoS) attacks.
Traditional DDoS attacks occur when hackers take control of large groups of computers and then order them to all access one website or service at the same time, overloading servers and eventually crashing or disabling the site.
RIM’s Totzke warned that DDoS attacks could also be perpetrated on smartphone users, with wireless data packets being used to overload and disable carriers’ wireless networks.
Reuters also spoke with Flexilis, a maker of mobile security software. The company’s CTO suggests that such an attack could start with users carelessly installing infected or tainted mobile applications.
BlackBerry smartphones feature safeguards that prompt users after downloading new applications to determine whether or not owners want to grant the apps “Trusted Application status.” (See image above.) And most applications require users to grant certain permissions before the software can access potentially sensitive information like location- or voice-data. But because serious smartphone-related security threats are few and far between at this point, most users simply click on through the warnings without actually considering the implications of downloading and installing what should really be considered “untrusted” apps.
Flexilis told Reuters that it has already identified “virus-tainted” versions of well-known, and generally trusted, applications like Google’s Google Maps for mobile, so avoiding dangerous apps may not be as simple as only installing applications that seem to come from reputable sources.
RIM’s Totzke says the most effective way to protect yourself from BlackBerry viruses and other security threats is to aggressively monitor RIM’s site for security patches and then promptly install them whenever new fixes become available.
Al Sacco was a journalist, blogger and editor who covers the fast-paced mobile beat for CIO.com and IDG Enterprise, with a focus on wearable tech, smartphones and tablet PCs. Al managed CIO.com writers and contributors, covered news, and shared insightful expert analysis of key industry happenings. He also wrote a wide variety of tutorials and how-tos to help readers get the most out of their gadgets, and regularly offered up recommendations on software for a number of mobile platforms. Al resides in Boston and is a passionate reader, traveler, beer lover, film buff and Red Sox fan.