PPT presentation



  1. Threat Evolution in Wireless Telecommunications
     Frank Quick, Sr. Vice President, Technology, QUALCOMM Incorporated
  2. Industry Data (Worldwide)
       • In 2002, there were
           • 570 million installed PCs (Gartner)
           • 1132 new viruses discovered (Symantec)
           • 105 computer virus infections per 1000 PCs (ICSA labs)
       • In the same year there were
           • 1.1 Billion cellular phone users (Yankee Group)
  3. Today’s Mobile Phone
       • 100+ MHz processor
       • 10+ Mbytes flash memory
       • Medium-bandwidth IP connectivity
       • Downloadable applications
           • Have access to user data
           • Can initiate data connections
           • Can send arbitrary IP packets, SMS
  4. Tomorrow’s Mobile Phone
       • 1000+ MHz processor(s)
       • 100+ Mbytes flash memory
           • More if socket provided
       • High-bandwidth IP connectivity
       • Broadcast content reception
           • Digital Rights Management
       • Downloadable applications
           • Wider range of functions
  5. The Mobile as Computer
       • Mobile phones can now do most things a PC can do, therefore:
       • Mobile phones will likely become a target for malicious code, as have PCs.
       • To date, only a few such attacks have been discovered for mobiles; however,
       • It would be unwise to assume this is because mobiles are less susceptible than PCs.
  6. Attacks on Computers
       • Motivation
           • Peer prestige, revenge, profit, theft
       • Objectives
           • Disruption, spyware, trojan software
       • Methods
           • Self-propagating viruses and worms, infected files and applications (e.g. games)
       • Access
           • Internet, messaging, over the air
  7. How Weaknesses Are Found
       • An attack often begins by finding a repeatable way to crash a platform
           • Generally, attacks aren’t created by analyzing source code – usually not available
           • The binary code, on the other hand, is accessible in the .exe file
           • (For many phones, binary code is also available via diagnostic ports.)
  8. How Attacks Develop
       • The attackers share information about weaknesses
       • A more sophisticated attacker looks at the binary code to see what causes the crash
           • E.g., if it’s a buffer overrun that overwrites the stack, it may be possible to modify the input to execute arbitrary code
  9. How Attacks Grow
       • Once an exploit is developed, it is often made widely available on the Web
           • Documentation of the vulnerability
           • Attack scripts and source code
       • This allows many variant attacks to be created, making prevention difficult
           • Virus-checking software updated often
           • (Bandwidth limits make this expensive for mobiles)
  10. Differences: Mobiles vs. PCs
       • PCs:
           • Many PCs use the same brand Operating System
           • PCs can run both the code under attack and the attack software
           • Attacks are spread by IP, email or web access
           • Denial of service affects IP services
       • Mobile phones:
           • Diverse OSs, but converging
           • Phones can’t directly run attack software (special hardware often needed to extract binary code)
           • Other channels are available for spread (e.g., SMS, false base stations)
           • Denial of service can shut down a cellular system
  11. The Changing Mobile User Environment
       • In the past:
           • Attacks on mobile phones were detrimental to both the user and operator (cloning)
           • Attacks targeted individual phones
       • In the future:
           • Attacks may be initiated by the user (cloning, defeating security)
           • Viral attacks may target a large population of mobiles
  12. Why would a user hack his/her own phone?
       • Upgrading
           • The user obtains a better phone (perhaps stolen) and wants to clone the existing subscription without paying the carrier.
       • Digital Rights Management
           • Users want to share files, games, etc. without paying
       • Subscription lock
           • The user wants to change operators
  13. Consequences
       • Users increasingly see the operator as an adversary
       • Users may unwittingly become victims of secondary attacks
           • Defeating security features often opens a path for attack
           • Cloning may be accompanied by trojan installation
  14. What should manufacturers do?
       • Proactively address vulnerabilities
           • Automated code reviews
       • Develop protocols to update software after sale
           • Preferably by broadcast
       • Migrate to secure, trusted platforms
           • Prevent core software modification
           • Authenticate downloads
           • Protect security information
  15. Can manufacturer efforts suffice?
       • No.
           • The defender’s problem: any vulnerability can open an attack
           • A perfectly secure platform may still be vulnerable to insider attacks
           • Software updates may be impractical given the large numbers of mobiles
       • Conclusion: operators cannot rely on manufacturers to prevent cyber attacks
  16. What can operators do?
       • Install firewalls
           • Isolate critical servers from mobile data
           • Block direct mobile-to-mobile packets
           • Perform ingress filtering: block mobile packets with bad “from” IP addresses
       • Strengthen and automate responses
           • Disable infected mobiles
           • Isolate infected subnets
           • Scan SMS and other network messaging
           • Consider using broadcast code updates
  17. What won’t work
       • Virus scans on phones
           • Updating definitions is too expensive
       • Virus scans on incoming IP packets
           • Encrypted VPN connections prevent examining the contents of IP packets
  18. Will operators take action?
       • Operators are reluctant to spend for a threat that has not yet materialized
           • Cloning fraud reached double-digit percentages of revenues before authentication was deployed
       • It is to be hoped that operators will at least make contingency plans
           • ITU-T recommendations could promote planning
  19. Conclusions
       • Mobile phone computing power and connectivity are approaching that of PCs
       • Self-propagating viruses and worms may be possible in mobiles in the near future
       • Manufacturers should strive to minimize vulnerabilities to such attacks
       • Operators should prepare to take defensive measures
       • ITU-T recommendations may be useful
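
The operator-side measures from slide 16 (isolate critical servers, block direct mobile-to-mobile packets, ingress-filter bad "from" addresses, disable infected mobiles), expressed as a verdict function for packets arriving from handsets. This is an added example, not part of the original slides; the address ranges, the `Packet` fields and the `filter_uplink` name are assumptions chosen for illustration.

```python
import ipaddress
from typing import NamedTuple

# Constructed addressing plan (assumption, not taken from the slides).
MOBILE_POOL = ipaddress.ip_network("10.64.0.0/16")       # addresses leased to handsets
CRITICAL_SERVERS = ipaddress.ip_network("192.0.2.0/24")  # e.g. billing, authentication


class Packet(NamedTuple):
    session_ip: str  # address the network assigned to this data session
    src: str         # "from" address actually present in the IP header
    dst: str         # destination address


def filter_uplink(pkt: Packet, quarantined: frozenset = frozenset()) -> str:
    """Return 'forward' or 'drop:<reason>' for a packet arriving from a mobile."""
    try:
        session = ipaddress.ip_address(pkt.session_ip)
        src = ipaddress.ip_address(pkt.src)
        dst = ipaddress.ip_address(pkt.dst)
    except ValueError:
        return "drop:malformed-address"
    # Automated response: a mobile flagged as infected is disabled entirely.
    if str(session) in quarantined:
        return "drop:quarantined-mobile"
    # Ingress filtering: the "from" address must be the one leased to this session.
    if src not in MOBILE_POOL or src != session:
        return "drop:spoofed-source"
    # No direct mobile-to-mobile packets, so a worm cannot hop handset to handset.
    if dst in MOBILE_POOL:
        return "drop:mobile-to-mobile"
    # Critical servers are not reachable from the mobile data plane.
    if dst in CRITICAL_SERVERS:
        return "drop:critical-server"
    return "forward"


# Constructed sample traffic covering each rule.
SAMPLES = [
    Packet("10.64.3.7", "10.64.3.7", "198.51.100.20"),  # normal Internet access
    Packet("10.64.3.7", "10.64.9.9", "198.51.100.20"),  # another handset's address
    Packet("10.64.3.7", "10.64.3.7", "10.64.200.1"),    # handset to handset
    Packet("10.64.3.7", "10.64.3.7", "192.0.2.10"),     # handset to core server
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p, "->", filter_uplink(p))
```

Binding the source address to the session's assigned address is stricter than checking pool membership alone: it also stops one handset from sending with another handset's address.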