Behind Enemy Lines - Practical & Triage Approaches to Mobile Security Abroad

Presentation from TakeDownCon 2011 in Las Vegas on December 7, 2011.


  1. Behind Enemy Lines - Practical & Triage Approaches to Mobile Security Abroad
  2. Presentation Objectives
     ‣ Highlight the threats posed by traveling abroad with mobile devices
     ‣ Discuss lessons learned from real world experiences
     ‣ Provide practical recommendations for reducing these threats
     ‣ Do it all in 40 mins or less
  3. About me
     ‣ Justin Morehouse (@mascasa)
     ‣ Principal Consultant, Stratum Security
     ‣ CTO of ThreatSim
     ‣ Security Operations and Consulting
     ‣ Co-author ‘Securing the Smart Grid’
     ‣ OWASP Tampa Chapter Founder & Leader
     ‣ Presented at DEF CON, ShmooCon, OWASP, and more...
  4. My addiction to smartphones
     ‣ Since 2008 I’ve used and subsequently voided the warranties of the following:
        ‣ BlackBerry Bold 9700 & 8820
        ‣ HTC Nexus One (Android 2.3)
        ‣ iPhone, 3G, 3GS, 4, 4s (All iOS versions)
        ‣ Motorola Droid (Android 2.1, 2.2, 2.3)
        ‣ Samsung Galaxy S (Android 2.1)
        ‣ T-Mobile (HTC) Dash (Windows Mobile 6.5)
  5. Why mobile security?
  6. Because mobile devices are everywhere...
  7. Smartphones outsold PCs in Q4 of 2010
  8. 1,000,000,000+ smartphone users by 2013
  9. ...and do amazing(ly stupid) things
  10. and everyone uses them...
  11. most recently...
  12. Why international mobile security?
  13. My TripIt profile page Video Conferencing
  14. Is mobile security a real issue?
  15. Example #1
  16. Example #2
  17. Wikileaks Spy Files
  18. How you are targeted by threat agents
  19. ...phishing
  20. evil maid attack
  21. ...and drive-by downloads
  22. Not all threats are created equal...
  23. Advanced Threats
  24. Minimal Threats
  25. Moderate Threats
  26. Practical mitigation steps
  27. Have a plan...
  28. Make yourself anonymous (as possible)
  29. Leverage existing technologies...
  30. Case Study
  31. Client Overview
     ‣ Well-known international retail organization
     ‣ Executives traveling to hostile countries with moderate threats
     ‣ Loss of IP would be harmful to organization if obtained by competition
  32. Proposed Solution
     ‣ Utilize factory unlocked iPhone 4 ‘burner’ phones
     ‣ Preconfigure with VPN, encryption, PIN, remote wipe, via MDM
     ‣ Purchase local SIM (with cash) upon arrival
     ‣ Perform forensics on phone upon return
  33. Solution Issues
     ‣ Executives often forgot to enable VPN before using data services
     ‣ Local SIM purchase required detailed information (passport)
     ‣ Executives used public wireless networks on several occasions
  34. Lessons Learned
     ‣ Utilize configuration utilities to enforce policies on devices (WiFi, VPN, etc.)
     ‣ Purchase local SIM cards in advance using anonymous(ish) means (BitCoin)
     ‣ Disable local syncing in favor of web-based solutions
     ‣ Require two-factor authentication for all web-based solutions
     ‣ Tunnel your tunnels (VPN & SSL)
  35. Effective mobile security triage
  36. Keep it simple...
  37. Plan for the Worst
     ‣ Knowledge is key (DO’s and DON’Ts cheat-sheet)
     ‣ Rule of 32 (w/ Vodafone UK SIM)
     ‣ Remote deployment solutions (Wipe & rebuild required)
     ‣ Overnight INTL shipping
  38. Questions? Justin Morehouse, justin.morehouse@stratumsecurity.com, www.stratumsecurity.com, www.threatsim.com
