3G Dialers, A New Demon with an Old Scan


Published on

Sao Paulo – May 12, 2010
Conference APWG CECOS IV

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

3G Dialers, A New Demon with an Old Scan

  1. 1. 3G DialersA New Demon with an Old ScanSao Paulo – May 12, 2010Telefonica Empresas SpainLeonardo Amor
  2. 2. 01New solutions – Old problemsTelefónica Empresas Spain 2Security Services
  3. 3. Most used 3G devices to get onlineTelefónica Empresas Spain 3Security Services
  4. 4. Old School RTB devicesTelefónica Empresas Spain 4Security Services
  5. 5. New Solutions – Old problems  HSDPA 3G USB Tech specs:  V.90 Modem PCI Technical details:  Up to 7.2 / 21 Mbps  Up to 56 Kbps  USB 2.0  PCI  Extra bonus:  Extra bonus: • Beep, beep, beep melody • Can warns your hands in a cold day Both MODEMSTelefónica Empresas Spain 5Security Services
  6. 6. 02LandscapeTelefónica Empresas Spain 6Security Services
  7. 7. New Mobile Devices First 3G Routers (lack of WPA security)Telefónica Empresas Spain 7Security Services
  8. 8. Heterogenous OSTelefónica Empresas Spain 8Security Services
  9. 9. Internet access Source: ITU World Telecommunication/ICT Indicators Database.Telefónica Empresas Spain 9Security Services
  10. 10. Mobile users Source: ITU World Telecommunication/ICT Indicators Database.Telefónica Empresas Spain 10Security Services
  11. 11. 03The 3G abuse storyTelefónica Empresas Spain 11Security Services
  12. 12. Monitoring VS Inspection We DO NOT inspect the contentTelefónica Empresas Spain 12Security Services
  13. 13. Monitoring VS Inspection We DO NOT inspect the content Just monitor the traffic flows .Telefónica Empresas Spain 13Security Services
  14. 14. Alarms 2.009 Start getting alarms for traffic to suspicius Premium numbers from 3G devices. This monitor sensor was originally setup with RTB on mind or fix phone lines. › 800 234 +++ › 645 +++ 324 › +52 244 962 +++ › 423 234 +++Telefónica Empresas Spain 14Security Services
  15. 15. Sources Monitor Sensors Our Customers help desk Abuse Complains Third parties services • IP reputationTelefónica Empresas Spain 15Security Services
  16. 16. Abuse Group What kind of Abuses receive Telefonica? • Most of the time propetary formats, later some ARF and not IODEF at all • Please, send your complains, use an standard format.Telefónica Empresas Spain 16Security Services
  17. 17. Modem 3G problems -- User ExperienceTelefónica Empresas Spain 17Security Services
  18. 18. Countermeasures CountermeasuresTelefónica Empresas Spain 18Security Services
  19. 19. 3G User ExperienceTelefónica Empresas Spain 19Security Services
  20. 20. 04The ProposalTelefónica Empresas Spain 20Security Services
  21. 21. Creation of a new Working Group To determinate major security risk related to each Mobile devices • Phishing , Malware, Fraud, Identity Thief, brand abuse, etc.. Alliances and CollaborationTelefónica Empresas Spain 21Security Services
  22. 22. 05ConclusionsTelefónica Empresas Spain 22Security Services
  23. 23. If Internet would be a Today river …..Telefónica Empresas Spain 23Security Services
  24. 24. APWG is doing a good work … • Let’s help the industry to do not fail in old problems • Come on, together we can recover the river!Telefónica Empresas Spain 24Security Services
  25. 25. TomorrowTelefónica Empresas Spain 25Security Services
  26. 26. If Internet would be a river, Operators will distribute water Actual distribution Optimal Value ServicesTelefónica Empresas Spain 26Security Services
  27. 27. Security from the network The network as an active security element Clean internet access Clean VPN access Clean users SECURITY FOR SECURITY FOR SECURITY FOR LAN ACCESING PUBLIC VIRTUAL PRIVATE & ENDPOINT NETWORKS NETWORKS CLEAN CLEAN CLEAN PIPES CLOUD USERS Global security & point 2 pointTelefónica Empresas Spain 27Security Services