Ethical Hacking and Countermeasures: Secure Network Operating Systems and Infrastructures, Second Edition
Chapter 7: Hacking Mobile Phones, PDAs, and Handheld Devices
Objectives
After completing this chapter, you should be able to:
- Describe different types of handheld devices, including BlackBerrys, PDAs, and iPods
- Identify the different operating systems available on mobile phones
- Name vulnerabilities in mobile phones
- Identify ways an attacker can hack into handheld devices
Objectives
After completing this chapter, you should be able to (cont'd):
- Describe viruses and antivirus protection for handheld devices
- Adequately defend cell phones and PDAs against attack
- Identify and use various security tools
- Give mobile phone security tips
Introduction to Hacking Mobile Phones, PDAs, and Handheld Devices
This chapter:
- Focuses on hacking mobile phones, PDAs, and other handheld devices
- Discusses the different types of handheld devices investigators have to be aware of
- Talks about the vulnerabilities present in the different handheld devices
- Discusses some of the security tools available and how to protect these devices from attack
Types of Handheld Devices
- Three main categories: mobile phones, PDAs, and portable external drives
- Smartphones
  - Programmable mobile devices running one of several available mobile operating systems
- Smartphone: BlackBerry
  - Introduced in 1999, set the industry standard for the smartphone
  - Provides a number of applications
Types of Handheld Devices
- BlackBerry Wireless Security
  - BlackBerry Encryption Security (BES) mechanism meets U.S. military standards
  - BES uses encryption methods such as the Advanced Encryption Standard (AES) and Triple Data Encryption Standard (Triple DES)
  - Private keys are created in a secure, two-way authenticated environment
Types of Handheld Devices
- Smartphone: iPhone
  - Includes a touch-screen keyboard and an open API with strong developer support, a large base of apps, and built-in GPS technology
- Smartphone: Samsung Galaxy Series
  - Introduced in 2009
  - Uses the Android mobile OS
  - Offers extremely strong developer support
Types of Handheld Devices
Figure 7-1: Data from IDC showing Q4 2012 worldwide smartphone shipments
Types of Handheld Devices
- iPod
  - Portable digital audio/video player designed by Apple Computer
  - Can also be used as digital media storage devices
  - Small size and easy operability make them suitable for criminal activity
  - Can be hacked or customized using various techniques
  - Example: can be configured to act as an external booting device
Types of Handheld Devices
- iPad
  - 9.7-inch touch screen tablet PC made by Apple
  - Current versions have an LED-backlit multi-touch display with IPS technology
  - Includes a built-in camera and a fingerprint identity sensor for security
- Microsoft Surface
  - 10.6-inch wide touch screen display that also comes with USB support, dual Wi-Fi antennae, and a built-in kickstand to make the tablet stand up by itself
Types of Handheld Devices
- Amazon Kindle and Kindle Fire
  - Started out as a series of e-book readers
  - Kindle Fire, introduced in 2011, features a color 7-inch multi-touch display with IPS technology
  - Runs a custom version of Google's Android OS called Fire OS
- MP3 Players
  - Can be hacked and used as data drives
- Flash Drives
  - Susceptible to some of the same vulnerabilities and threats as iPods and MP3 players
Common Operating Systems in Handheld Devices
- Mobile Phone Operating Systems
  - Palm OS
  - Windows Mobile OS
  - Symbian OS
  - Linux
  - Android
  - iOS
Common Operating Systems in Handheld Devices
Figure 7-2: Three operating system structures in mobile phones
Common Operating Systems in Handheld Devices
- Palm (Garnet) OS
  - Has been used since 1996
  - First developed by U.S. Robotics for PDAs
- Windows Mobile Operating System
  - A noncomponent-based OS used in mobile devices and smartphones
  - Offers mobile versions of Microsoft Office, Internet Explorer, Windows Media Player, and the Microsoft API
Common Operating Systems in Handheld Devices
- Symbian Operating System
  - An open mobile OS developed in 1998
  - Supports CDMA, GSM, and GPRS
- Linux Operating System
  - An open source OS that provides Internet access, VoIP, and Wi-Fi
  - Both Apple iOS and Android are custom-based on versions of the Linux OS
Common Operating Systems in Handheld Devices
- Android Operating System
  - Created in 2003 and acquired by Google in 2005
  - Has become the dominant mobile OS in the world today
- Apple iOS
  - Easy-to-use interface
  - Foundation of the iPhone, iPad, and iPod touch
Vulnerabilities in Handheld Devices
- Evolution of the Mobile Threat
  - Mobile malware is a fast-growing threat that is difficult to detect
  - Malware can spread over the following:
    - Mobile networks and the Internet
    - SMS
    - Bluetooth technology and wireless
    - Symbian installation files (SIS)
    - MMS
    - USB devices
    - Infrared
Vulnerabilities in Handheld Devices
- Mobile Vulnerabilities
  - Weak Server Side Controls
  - Insecure Data Storage
  - Insufficient Transport Layer Protections
  - Unintended Data Leakage
  - Poor Authorization and Authentication
  - Broken Cryptography
  - Client Side Injection
  - Security Decisions Via Untrusted Inputs
  - Improper Session Handling
  - Lack of Binary Protections
Hacking Handheld Devices
- A hacker can retrieve data from a bricked device using a number of tools to unlock it and restore software
  - A brick is a device that cannot function in any capacity
- Hackers can also attack mobile phones using spyware and other mobile malware
- Hackers can insert viruses and spyware in mobile devices using Bluetooth or GPRS
Mobile Malware Propagation
- Mobile malware spreads via the Internet
  - It first infects PCs; the infected PCs can then infect smartphones via infrared and Bluetooth
- The infected device can spread malware to another mobile device by using General Packet Radio Service (GPRS)
- Allows hackers access to critical and confidential information stored on the device
Mobile Malware Propagation
- Spyware
  - Manipulates SMS messages and enables them to be read by others
- Botnets
  - Bots are software applications that run automated tasks over the Internet
  - A collection of bots present in a channel is a botnet
  - Can launch DoS attacks or spread Trojans and worms
- DDoS Floods
  - Botnets can be used to create DDoS floods
Spyware
Spy apps can be used to track:
- Text and e-mail messages
- Location
- Web sites visited
- Phone calls
- Photos and videos taken
Malware
- Mobile malware has seen a dramatic increase in recent years
- According to a report released in October 2014:
  - More than 175,400 new, unique, malicious programs were discovered in the first half of this year for Android alone
BlackBerry Attacks: Blackjacking
- Blackjacking
  - A method of hijacking BlackBerry connections
  - Attackers make use of the BlackBerry environment to penetrate the security perimeters and directly attack the host network
- BBProxy is a security assessment tool that allows an attacker to use BlackBerry devices as a proxy between the Internet and the internal network
iPhone Attacks
- Jailbreaking
  - The process that unlocks iPhone and iPod devices to permit the installation of third-party applications
- Tools used for jailbreaking include:
  - iDemocracy
  - iActivator
  - iNdependence
  - iFuntastic
  - AppSnapp
iPhone Attacks
- iPhone Unlock Tools
  - iPhoneSimFree
  - anySIM
PDA Attacks
- Largest threat to PDAs is theft of the device
  - Secure the data on the device and password-protect the device
- Second-largest security risk to PDAs is viruses
- PDAs that use wireless services or wireless ports are vulnerable to wireless attacks
- Specific PDA Attacks
  - ActiveSync Attacks (for Windows Mobile Pocket PC devices)
  - HotSync Attacks (for Palm devices)
Trojans and Viruses
Known Trojans and viruses:
- Mobile Phone Trojan: iBanking
  - Used in conjunction with PC malware to defeat mobile-based security mechanisms used by banking sites
- DeathRing
  - A Chinese Trojan that is preinstalled on a number of smartphones most popular in Asian and African countries
  - Masquerades as a ringtone app
Trojans and Viruses
Known Trojans and viruses (cont'd):
- iOS Attacks
  - Masque Attack apps mimic legitimate apps and are designed to steal a user's login credentials and bank information
- Equal Opportunity Malware
  - Inception-Cloud Atlas is a malware that targets Windows phones, Android phones, and jailbroken iPhones
- Mobile Phone Trojan: Gomal
  - A Tic-Tac-Toe Trojan
Defending Handheld Devices
- Best Practices
  - Take precautions to secure your cell phone and PDA
  - Remember physical security
  - Keep software up to date
  - Choose a good password
  - Install and maintain antivirus software and firewalls
  - Protect your personal information, such as an e-mail address and cell phone number
  - Do not follow links sent in e-mail or text messages
  - Be wary of downloadable software
Defending Handheld Devices
- Best Practices (cont'd)
  - Evaluate your security settings
  - Take advantage of security features offered on your device
  - Remember or record the IMEI of your mobile handset, which makes it easier to deactivate your mobile device when it is stolen
    - International Mobile Equipment Identity (IMEI) is a unique 15-digit or 17-digit code used to identify a mobile station to a GSM network
  - Protect your device with a SIM lock
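Added example (not from the original chapter): a recorded IMEI is only useful for deactivating a stolen handset if it was written down correctly, so the check below validates 15-digit IMEIs in a device inventory against their Luhn check digit. The inventory, owner names and function names are constructed for illustration, and the 17-digit form mentioned above is not handled.

```python
# Added example: validate IMEIs recorded in a device inventory (constructed data).
import re

def luhn_check_digit(body: str) -> int:
    """Return the Luhn check digit for a string of decimal digits."""
    total = 0
    # Walk right to left; double every other digit, starting with the
    # digit that sits directly next to the check digit.
    for i, ch in enumerate(reversed(body)):
        d = int(ch)
        if i % 2 == 0:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return (10 - total % 10) % 10

def parse_imei(raw: str) -> dict:
    """Normalise a recorded IMEI and verify its check digit.

    Accepts the 15-digit form with optional spaces, dashes or slashes,
    as printed on labels or shown by *#06#. Raises ValueError otherwise.
    """
    digits = re.sub(r"[\s\-/]", "", raw)
    if not re.fullmatch(r"\d{15}", digits):
        raise ValueError(f"not a 15-digit IMEI: {raw!r}")
    expected = luhn_check_digit(digits[:14])
    if expected != int(digits[14]):
        raise ValueError(f"check digit mismatch in {raw!r}: expected {expected}")
    # First 8 digits are the Type Allocation Code, next 6 the serial number.
    return {"imei": digits, "tac": digits[:8], "serial": digits[8:14]}

def audit_inventory(records: dict) -> dict:
    """Split an owner->IMEI inventory into valid entries and entries to re-record."""
    valid, rejected = {}, {}
    for owner, raw in records.items():
        try:
            valid[owner] = parse_imei(raw)
        except ValueError as exc:
            rejected[owner] = str(exc)
    return {"valid": valid, "rejected": rejected}

# Constructed sample inventory; 49-015420-323751-8 is a common textbook IMEI.
SAMPLE = {
    "alice": "49-015420-323751-8",
    "bob": "490154203237517",      # last digit mistyped
    "carol": "4901542032375",      # two digits missing
}

if __name__ == "__main__":
    print(audit_inventory(SAMPLE))
```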
Defending Handheld Devices
- Protecting an Organization from Mobile Vulnerabilities
  - Develop a company-wide plan that outlines security policies and restrictions for mobile devices, including the following:
    - A limit to password attempts
    - Archiving and backup procedures
    - Procedures for cleaning and reassigning devices
    - A standardized encryption scheme
    - A procedure for reporting lost or stolen devices
Defending Handheld Devices
- Protecting an Organization from Mobile Vulnerabilities (cont'd)
  - Apply security software to all mobile devices
  - Standardize mobile devices and applications within the organization for easy updates and end-to-end encryption
  - Prevent users from installing unauthorized applications that could affect the company's network
  - Educate users about best practices, policies, and procedures concerning the device
  - Monitor or audit device use to ensure compliance
Defending Handheld Devices
- Antivirus Software
  - Kaspersky Antivirus Mobile
  - AVG Antivirus for Android
  - BitDefender Mobile Security
  - Symantec Mobile AntiVirus
  - McAfee VirusScan Mobile
Summary
- With mobile hacking, an attacker can hijack a session, steal a mobile device and information, or spread malware
- Mobile malware is a fast-growing threat that is difficult to detect
- Blackjacking is using the BlackBerry environment to circumvent perimeter defenses and attack hosts on an enterprise network
- The iPod's large storage capacity and rapid data transfer over USB make it potentially useful for attackers
Summary
- Jailbreaking is the process of hacking the iPhone and iPod Touch devices to install third-party applications
- An entire enterprise can be at risk when a single trusted device is stolen and hacked
- Encryption, antivirus software, security software, and backups can all help preserve data that could be compromised by a hacker