UNIT–III: Cybercrime

Mobile and Wireless Devices:

• Introduction

• Proliferation of Mobile and Wireless Devices

• Trends in Mobility
• Credit card Frauds in Mobile and Wireless Computing Era
• Security Challenges Posed by Mobile Devices

• Registry Settings for Mobile Devices

• Authentication service Security
• Attacks on Mobile/Cell Phones
Mobile Devices
 Security Implications for Organizations
 Organizational Measures for Handling Mobile

 Organizational Security Policies an Measures in Mobile Computing Era

 Laptops.
Unit 3: Learning Objectives
 Understand the security challenges presented by mobile devices
and information systems access in the cybercrime world.
 Understand challenges faced by the mobile workforce and
implication under the cybercrime era
 Mitigation strategy – credit card users.
 Security issues due to use of media players
 Organizational security implications with electronic gadgets
 Organizational measures for protecting information systems
from threats in mobile computing area.
 Smishing, vishing attacks in mobile world.
 Security issues arising due to use of removable media- pen drives
Proliferation of mobile and wireless
devices
 You see them everywhere: people hunched over their
smartphones or tablets in cafes, airports, supermarkets
and even at bus stops, seemingly oblivious to anything
or anyone around them.
 They play games, download email, go shopping or
check their bank balances on the go.
 They might even access corporate networks and pull
up a document or two on their mobile gadgets.
Security?
 But as wireless devices become increasingly ingrained into our
daily lives, they open the door to heightened security risks.
 Not only do such devices become points of access for
cybercriminals, but they also may be more easily breached than
personal computers since many consumers do not secure their
smartphones or tablets with antivirus software or take simple
precautions such as enabling password protection.
 According to a Harris Interactive survey commissioned by CTIA,
a wireless trade group,
 less than half of all wireless device owners use passwords or
personal identification numbers (PINs) on their handsets
 Among those who conduct online banking on mobile devices, only
half encrypt the data or use some form of security software.
 Moreover, less than one third of users have installed antivirus
software on their mobile devices compared to 91% on their laptops.
 This may explain why: 45% do not see cybersecurity on their mobile
devices as a threat in the same way as they see it on their computers
Risk factor:
 The dangers, of course, are plenty.
 Rogue mobile apps can record the information that users type
into a device, such as bank account numbers and PINs
 They can read data stored on a handset, such as emails, text
messages, attachments, credit card numbers, and log-ins and
passwords to corporate networks.
 A phone can even secretly record conversations within earshot.
 Data that leaves a mobile device wirelessly to connect to a Wi-Fi
network could be hijacked in midair in “man in the middle”
attacks.
 Consumers may not be as concerned about securing a wireless
device because they do not view it as a small computer. “They
think, ‘Oh, it’s just my phone.
 he risks are transferred to the workplace as more people bring
their devices to the office for both personal and professional use,
a phenomenon known as BYOD or “Bring Your Own Device.”
Popular types of attacks against 3G
mobile networks:
 Malware, viruses and worms
 Skull trojans
 Cabir worm
 Mosquito worm
 Denial-of-service
 Overbilling attack
 Spoofed policy development process
 Signaling-level attacks
Skull trojan

 A trojan horse piece of code that targets mainly

Symbian OS.
 Once downloaded, the virus replaces all phone
desktop icons with images of a skull.
 It also renders all phone applications useless.
 This malware also tends to mass text messages
containing malicious links to all contacts accessible
through the device in order to spread the damage.
 This mass texting can also give rise to high expenses.
Cabir worm
 This malware infects mobile phones running on
Symbian OS and was first identified in June 2004.
When a phone is infected, the message 'Caribe' is
displayed on the phone's screen and is displayed every
time the phone is turned on.
 The worm then attempts to spread to other phones in
the area using wireless Bluetooth signals, although the
recipient has to confirm this manually.
Mosquito worm
 In June 2004, it was discovered that a company called
Ojam had engineered an anti-piracy Trojan virus in
older versions of its mobile phone game, Mosquito.
 This virus sent SMS text messages to the company
without the user's knowledge.
 Although this malware was removed from the game's
more recent versions, it still exists in older, unlicensed
versions, and these may still be distributed on file-
sharing networks and free software download web
sites.
list of mobile vulnerabilities
 Mobile devices often do not have passwords enabled.
 Two-factor authentication is not always used when
conducting sensitive transactions on mobile devices.
 Wireless transmissions are not always encrypted
 Mobile devices may contain malware.
 Mobile devices often do not use security software.
 Operating systems may be out-of-date.
 Software on mobile devices may be out-of-date
 Mobile devices often do not limit Internet connections.
 Mobile devices may have unauthorized modifications.
 an unsecured WiFi network could let an attacker access
personal information from a device, putting users at risk
for data and identity theft.
Credit Card Fraud
 Traditional technique
 Application fraud:
 ID theft and
 Financial Fraud
 Modern technique
 Triangulation
 Credit Card generators
3.5 Security challenges posed by
mobile devices:
 One at the device level: microchallenges
 Another at the organization level: macrochallenges
3.5. Security Challenges Posed by
Mobile Devices:
 Managing the registry setting and configuration
 Authentication Service Security
 Cryptography Security
 Lightweight Directory Access protocol(LADP) Security
 Remote Access Server(RAS) security
 Media Player Control Security
 Network Application Program Interface (API) security
3.6.Registry settings for mobile
devices: example
 Microsoft Active Sync : synchronize PCs and MS
Outlook
 Gateway between Windows-Powered PC and
Windows mobile-Powered device
 Enables transfer of Outlook information, MS Office
documents, pictures, music, videos and applications
 Active sync can synchronize directly with MS
Exchange Sever so that the user can keep their E-Mails,
calendar, notes and contacts updated wirelessly.
Managing the registry setting and
configuration:
 If you use an Active Directory® environment to
administer the computers in your network, Group
Policy provides a comprehensive set of policy settings
to manage Windows® Internet Explorer® 8 after you
have deployed it to your users' computers.
 You can use the Administrative Template policy
settings to establish and lock registry-based policies
for hundreds of Internet Explorer 8 options, including
security options.
 1700 settings in a standard group policy
Managing the registry setting and
configuration:
 Even if the user go through every control panel setting
and group policy option- no desired baseline security

 So make additional registry changes that are not

exposed to any interface: avoid “registry hacks”
Example
 When using Pick-IT ASP in
Internet Explorer, the SIP
(software input panel, or
virtual keyboard) will pop up
when a textbox is activated.
We cannot control this panel
through Pick-IT.

The method disables this SIP,

depending on your mobile
device model and operating
system.
3.7. Authentication Service Security
Two components of security in mobile computing:
1. Security of devices
2. Security in Networks
 Involves mutual authentication between the device
and the base station/ web servers.
 Ensures that only authenticated devices can be
connected to the network
 Hence, no malicious code can impersonate the service
provider to trick the device.
Eminent kinds of attacks on mobile devices:
 Push attacks
 Pull attacks
 Crash attack
 Authentication services security is important given the
typical attacks on mobile devices through wireless
networks:
 DoS attacks
 Traffic analysis
 Eaves dropping
 Man-in-the-middle attacks and session hijacking.
 Security measures in this scenario come from wireless
Application Protocols(WAPs),use of VPNs, media access
control(MAC) address filtering and development in
802.xx standards.
 3.7.1. Cryptographic Security for Mobile Devices:
 Cryptographically Generated Address (CGA)
 CGA is IPv6: generated by hashing owner’s public-key address
 The address the owner uses is the corresponding private key to
assert address ownership and
 To sign messages sent from the address without a Public-Key
Infrastructure(PKI)
 CGA-based Authentication can be used to protect IP-Layer
signaling protocols
 Also used in key –exchange and create an IPSec security
association for encryption and data authentication
 Palms are one of the most common hand held devices used in
mobile computing.
 Cryptographic security controls are deployed on these devices.
Example: Palm OS5
 Cryptographic Provider Manage(CPM) in Palm
OS5 is a system-wide suite of cryptographic
services for securing data and resources on a Palm-
powered device.
 The CPM extends encryption services to any
application written to take advantage of these
capabilities, allowing the encryption of only
selected data or of all data and resources on the
device.
3.7.2. LDAP security for hand held mobile computing
devices
 LDAP is a software protocol for enabling anyone to locate
individuals, organizations and other resources like files
and devices on the network
 LDAP is light weight(smaller amount of code) version of
Directory Access Protocol(DAP) since it does not include
security features in its initial version.
 It originated at the University of Michigan
 Endorsed by atleast 40 companies
 Centralized directories such as LDAP make revoking
permissions quick and easy.
3.7.3. RAS security for mobile
devices
 RAS is important for protecting business sensitive data that
may reside on the employee’s mobile devices.
 Vulnerable to unauthorized access : resulting in providing a
route into the systems with which they connect
 By impersonating or masquerading to these systems, a
cracker is able to steal data or compromise corporate systems
in other ways.
 Another threat is by port scanning: DNS server-> locate IP
address-> scan the port on this IP address that are
unprotected, working their way through its Transmission
Control Protocol / User Datagram Protocol (TCP/UDP).
 Precautions: a personal firewall
 Protecting against port scanning requires software that
can trap unauthorized incoming data packets and
prevent a mobile device from revealing its existence
and ID.
 Smart device can be an effective protective screen
against this form of attack for the users connecting
through direct internet or RAS connection.
RAS system security for Mobile device clients
 The security of the RAS server
 The security of the RAS client
 The secure data transmission
3.7.4. Media Player Control
Security
 Potential security attacks on mobile devices through
the “music gateways”
 Windows media player: MS warned about security
loop holes
 Corrupt files posing as normal music and video files
 May open a website from where the Javascript can be
operated.
 Allow attacker to download and use the code on user’s
machine
 Create buffer overrun errors.
3.7.5. Networking API security for
mobile computing applications
 E-commerce
 M-commerce(online payment gateways accessed
remotely and possibly wirelessly.)
 Development of various API’s to enable software and
hardware developers to write single applications to
target multiple security platforms.
 Providing a common software framework, APIs will
become an important enabler of new and higher value
services.
3.8. Attacks on Mobile/ cell phones
 Mobile Phone Theft
 Mobile Viruses
 Mishing
 Vishing
 Smishing
 Hacking bluetooth
3.8.1. Mobile phone theft
With mobiles or cell phones becoming fancier, more popular, and more
expensive, they are increasingly liable to theft.
The following factors contribute for outbreaks on mobile devices:
1. Enough target terminals: The first PalmOS virus was seen after
the number of palm OS devices reached 15 million. The first instance
of a mobile virus was observed during June 2004 when it was
discovered that an organization ”Ojam” had engineered an antipiracy
Trojan virus in older version of their mobile phone game known as
Mosquito.
This virus sent SMS text messages to the organization without the
users’ knowledge.
2. Enough functionality: office functionality, critical data and
applications protected insufficiently or not at all.
The expanded functionality increases the probability of malware
3. Enough connectivity: SMS, MMS, Synchronization, Bluetooth,
infrared(IR) and WLAN connections
How to Protect a Mobile Phone
from Being Stolen
 Keep details. Make a record of all your phone
information and keep this in a safe place. Include the
following elements in the information: Your phone
number
 The make and model
 Color and appearance details
 The pin or security lock code
 The IMEI number (on GSM phones)
 International Mobile Equipment Identity
 Add a security mark. Use an ultra violet pen to print your post code and
house number onto both your mobile handset and battery. This makes it easily
identifiable as your property if lost or stolen. It would also be good if you
write your alternate contact number or email id on your phone.
 This would help the finder of your handset to contact you if he or she intents
to return it. The ultra-violet pen marking will wear off every couple of
months, so reapply it when you feel necessary.
 Use the security lock code, or PIN feature, to lock your phone. This will
make it less valuable to a thief and deny them access to personal numbers
stored on your SIM card.
 Register your phone with your network operator. If your phone is stolen,
report the loss to them immediately. Using your IMEI number, they may be
able to block your hand set and account details.
 Some wireless carriers are willing to do this, and some aren't. If done, this will
prevent anyone from using the phone across any network, even if the SIM
card is changed. Keep in mind that once the phone is disabled, it may not be
able to be used again, even if you get it back.
 Keep records of this call--the date, time, name of the person you spoke to,
what they said, and their extension. Ask for confirmation in writing that your
phone has been disabled.[2] This is important in case the thief makes
fraudulent charges on your account.
 Have your phone number disabled. In addition to reporting your phone lost
or stolen, you should also disable your phone number (not account) so that no
further charges can be applied.
 This is in case the thief figures out how to access your account through
another hand set, or in case the carrier is unwilling to block the handset.
 Remember that, as mentioned earlier, many thieves stand to benefit from using
your service rather than selling your phone, especially between the moment
they steal it and the moment you realize your phone is missing.[3]
 As in the previous step, keep detailed records of when you requested your
account to be disabled.
 Request an immediate, formal investigation from your carrier. Sometimes
this can prevent (or at least delay) the carrier from launching a collections
effort and tainting your credit, if things get ugly. [4]
 File a police report immediately. Time is money, literally. A thief can add
over US$10,000 to your cell phone bill in just hours by making international
calls, and you might end up being asked to foot the bill. Some phone companies
may require proof that the phone was actually stolen, versus it having been
lost. A police report serves as evidence, which will make your wireless provider
more cooperative, especially if insurance is involved.
 Install anti phone theft software. There are suppliers that provide modern anti
theft software for your phone. The software enables you to remotely contact your
mobile and stay in control. For example, one of the recently published solutions
for Symbian and Android is Theft Aware; others provide Windows Mobile or
Blackberry support
 Never let the phone get out of your sight. Unless you are sleeping of course,
always have your eyes on the phone.
2. Mobile Viruses
 A mobile virus is similar to a computer virus that targets mobile
phone data or applications/ software installed in it.
 40 mobile virus families
 300+ mobile viruses identified
 First mobile virus : june 2004
 Mobile virus get Spread through two dominant communication
protocols
 Bluetooth(virus can easily spread within a distance of 10-30m blue tooth
activated devices),
 MMS (Multimedia Messaging Service)
(virus sends a copy of itself to all mobile users whose no.s are available in
the infected mobile phone’s address book)
Example
 All mobile users pay attention!!!!!!!!!

If you receive a phone call and your mobile phone

displays(XALAN)on the screen don't answer the call, END THE
CALL IMMEDIATELY,if you answer the call,your phone will be
infected by a virus. This virus WILL ERASE all IMEI and IMSI
information from both your phone and your SIM card, which will
make your phone unable to connect with the telephone network.
You will have to buy a new phone. This information has been
confirmed by both Motorola and Nokia. There are over 3 Million
mobile phones being infected by this virus in all around the world
now. You can also check this news in the CNN web site.
PLEASE FORWARD THIS PIECE OF INFORMATION TO ALL
YOUR FRIENDS HAVING A MOBILE PHONE.
How to protect from mobile malware attacks
 Download or accept progrms and content only from a trusted source.
 Turn off bluetooth or set it to non-discoverable when not in use.
 Receive IR beams only from trusted source.
 Download and Install antivirus software for mobile devices.

Mobile Phone Virus Hoax

• Variants of this hoax have been circulating since 1999. The information in
the email is completely untrue and has certainly not been "confirmed by
both Motorola and Nokia".

• Forwarded messages claim that a destructive virus will infect your mobile
(cell) phone if you receive a call that displays "ACE" or "XALAN" on the
screen.
 38.3. Mishing
 'Mishing' is a combination of the words mobile phone and phishing.
 Mishing is very similar to phishing—the only difference is the
technology.
 Phishing involves the use of emails to trick you into providing your
personal details, whereas mishing involves mobile phones.
 If you use your mobile phone for purchasing goods and services
and convenient banking, you could be more vulnerable to a Mishing
scam.
Variants of Mishing:
 Vishing : Mishing attacker makes call for phishing
 Smishing: Mishing attacker sends SMS for phishing
Vishing
 The term "vishing" is a socially engineered technique for stealing
information or money from consumers using the telephone
network.
 The term comes from combining "voice" with "phishing," which
are online scams that get people to give up personal information.
 Vishing is very similar to phishing—the only difference is the
technology.
 Vishing involves voice or telephone services. If you use a Voice
over Internet Protocol (VoIP) phone service, you are particularly
vulnerable to a vishing scam.
 Vishing is usually used to steal credit card numbers or other
related data used in ID theft schemes from individuals.
Profitable uses of the information gained through a
Vishing attack include:
 ID theft
 Purchasing luxury goods and services
 Transferring money/ funds
 Monitoring the victims bank accounts
 Making applications for loans and credit cards
How Vishing works?
1. Internet E-mail: it is also called phishing mail.
2. Mobile text messaging
3. Voice mail
4. Direct phone call: a vishing perpetrator (visher) may gain access
to a group of private customer phone numbers.
 The visher may then call the group(may use war dialer)
 When a potential victim answers the phone, he or she hears an
automated recording informing him that his bank account has been
compromised.
 He then calls the specified toll-free number to reset his security
settings and hears another automated message requesting the user’s
bank account number and/or other personal details via the phone
keypad..
How to protect from Vishing
attack?
 Be suspicious of all unknown callers
 Don't trust caller ID: caller ID spoofing is easy
 Ask questions: ask them to identify who they work
for, and then check them out to see if they are
legitimate.
 Call them back: call them back using a number from
your bill or your card. Never provide credit card
information or other private information to anyone
who calls you
 Report incidents: to nearest cyberpolice cell
Smishing
 Short for SMS Phishing, smishing is a variant of
phishing email scams that instead utilizes Short Message
Service (SMS) systems to send bogus text messages.
 Also written as SMiShing, SMS phishing made recent
headlines when a vulnerability in the iPhone's SMS text
messaging system was discovered that made smishing on
the mobile device possible.
How smishing works?
 Smishing scams frequently seek to direct the text
message recipient to visit a website or call a phone
number, at which point the person being scammed is
enticed to provide sensitive information such as credit
card details or passwords.
 Smishing websites are also known to attempt to infect
the person's computer with malware.
Example
Text message originating from either notice@jpecu or
message@cccu :
 ABC CU – has –deactivated – your Debit_card. To
reactivate contact:210957XXXX
This is an automated message from ABC Bank.
 Your ATM card has been suspended. To reactivate call
urgent at 1 866 215 XXXX
Text message originating from [email protected] :
 [email protected]/VISA. (Card Blocked) Alert. For
more information please call 1-877-269-XXXX
How to protect from Smishing
attacks?
 Do not answer a text message
 Avoid calling any phone numbers
 Never click on a hot link received through messages
Hacking bluetooth
 Bluetooth hacking is a technique used to get information
from another Bluetooth enabled device without any
permissions from the host.
 This event takes place due to security flaws in the
Bluetooth technology.
 It is also known as Bluesnarfing.
 Bluetooth hacking is not limited to cell phones, but is also
used to hack PDAs, Laptops and desktop computers.
 Bluetooth hacking is illegal and can lead to serious
consequences.
Following are threats a person can face when
his/her mobile phone gets bluesnarfed:
 The hacker can steal, delete contacts
 Hacker can extract personal files/pictures etc.
 Your cell phone can be used for making calls and using
internet at your expense.
 The hacker may call or text your contacts to annoy them.
 You mobile phone can be reset to default factory settings
hence deleting your personal settings
 Hacker can even access your calendar, clock, International
Mobile Equipment Identity (IMEI) number. IMEI number
can be used to clone your cell phone so that your messages
are also routed to another number. Cloning is also
considered illegal.
Common attacks
 Bluejacking
 Bluesnarfing
 Bluebugging
 Car wishper
Bluejacking
 Bluejacking is the sending of unsolicited messages over
Bluetooth to Bluetooth-enabled devices such as
mobile phones, PDAs or laptop computers, sending a
vCard which typically contains a message in the name
field (i.e., for bluedating or bluechat) to another
Bluetooth-enabled device .
 Bluejacking is also known as bluehacking.
 Bluejacking exploits a basic Bluetooth feature that
allows devices to send messages to contacts within
range.
 Bluejacking is harmless
 Bluesnarfing
 Bluesnarfing(To take somethimg without permission) is
the unauthorized access of information from a wireless device
through a Bluetooth connection, often between phones,
desktops, laptops, and PDAs (personal digital assistant.).
 This allows access to a calendar, contact list, emails and text
messages, and on some phones, users can copy pictures and
private videos.
 Both Bluesnarfing and Bluejacking exploit others' Bluetooth
connections without their knowledge.
 While Bluejacking is essentially harmless as it only transmits
data to the target device, Bluesnarfing is the theft of
information from the target device.
Bluebugging
 Bluebugging: it allows attackers to remotely access a users phone and
use its features without users attention. It is a form of Bluetooth attack
often caused by a lack of awareness.
 It was developed after the onset of bluejacking and bluesnarfing.
Similar to bluesnarfing, bluebugging accesses and uses all phone
features
 Bluebugging manipulates a target phone into compromising its
security, this to create a backdoor attack before returning control of the
phone to its owner. Once control of a phone has been established, it is
used to call back the hacker who is then able to listen-in to
conversations.
 The Bluebug program also has the capability to create a call forwarding
application whereby the hacker receives calls intended for the target
phone.
 Not only can a hacker receive calls intended for the target phone, he
can send messages, read phonebooks, and examine calendars.
 Car Whisperer
 Software that intercepts a hands-free Bluetooth conversation
in a car.
 the Car Whisperer enables an attacker to speak to the driver
as well as eavesdrop on a conversation.
 By exploiting the fact that a common security code (passkey)
is used by many Bluetooth hands-free system vendors, the Car
Whisperer sets up a two-way session with the car and a Linux
computer.
 an attacker could access a telephone address book once he has
connected with the Bluetooth system,
 May disable airbags or breaks
 The best way to avoid being "Car Whispered" is to simply connect the
in-car system to a Bluetooth phone, because only one such device can
be connected at a time.
Common bluetooth attack tools
 BTScanner
 Bluesnarfer
 Bluediving
 Bluebugger
 Bluesniff
Mobile Devices: Security Implications for Organizations
 Managing diversity and proliferation of Hand-Held
devices
 Unconventional/ stealth storage devices
 Threat through lost and stolen devices
 Protecting data on lost devices
 Educating the laptop users
1. Managing diversity and
proliferation of Hand-Held devices
 Employees aren't just bringing their mobile devices to
the workplace—they're living on them
 As smartphones and tablets become constant
companions, cyber attackers are using every avenue
available to break into them.
 With the right (inexpensive) equipment, hackers can
gain access to a nearby mobile device in less than 30
seconds and either mirror the device and see
everything on it, or install malware that will enable
them to siphon data from it at their leisure.
 Analysts predict that by 2018, 25 percent of corporate
data will completely bypass perimeter security and flow
directly from mobile devices to the cloud.
 Chief information security officers (CISOs) and other
security executives are finding that the proliferation of
mobile devices and cloud services are their biggest
barriers to effective breach response.
 In order to secure the corporate data passing through
or residing on mobile devices, it is imperative to fully
understand the issues they present.
5 Security Risks and a Surprising
Challenge
1. Physical access
2. Malicious Code
3. Device Attacks
4. Communication Interception
5. Insider Threats
Physical access
 Mobile devices are small, easily portable and extremely
lightweight.
 hence easy to steal or leave behind in airports, airplanes or
taxicabs.
 As with more traditional devices, physical access to a mobile
device equals “game over.”
 The cleverest intrusion-detection system and best anti-virus
software are useless against a malicious person with physical
access.
 Circumventing a password or lock is a trivial task for a seasoned
attacker, and even encrypted data can be accessed.
 This may include not only corporate data found in the device,
but also passwords residing in places like the iPhone Keychain,
which could grant access to corporate services such as email and
virtual private network (VPN).
Malicious Code
 Mobile malware threats are typically socially engineered and focus on
tricking the user into accepting what the hacker is selling.
 The most prolific include spam, weaponized links on social networking
sites and rogue applications.
 Android devices are the biggest targets, as they are widely used and
easy to develop software for.
 Mobile malware Trojans designed to steal data can operate over either
the mobile phone network or any connected Wi-Fi network.
 They are often sent via SMS (text message); once the user clicks on a
link in the message, the Trojan is delivered by way of an application,
where it is then free to spread to other devices.
 When these applications transmit their information over mobile phone
networks, they present a large information gap that is difficult to
overcome in a corporate environment.
Device Attacks
 Attacks targeted at the device itself are similar to the
PC attacks of the past.
 Browser-based attacks, buffer overflow exploitations
and other attacks are possible.
 The short message service (SMS) and multimedia
message service (MMS) offered on mobile devices
afford additional avenues to hackers.
 Device attacks are typically designed to either gain
control of the device and access data, or to attempt a
distributed denial of service (DDoS).
Communication Interception
 Wi-Fi-enabled smartphones are susceptible to the same attacks that
affect other Wi-Fi-capable devices.
 The technology to hack into wireless networks is readily available, and
much of it is accessible online, making Wi-Fi hacking and man-in-the-
middle (MITM) attacks easy to perform.
 Cellular data transmission can also be intercepted and decrypted.
 Hackers can exploit weaknesses in these Wi-Fi and cellular data
protocols to eavesdrop on data transmission, or to hijack users’ sessions
for online services, including web-based email.
 For companies with workers who use free Wi-Fi hot spot services, the
stakes are high.
 While losing a personal social networking login may be inconvenient,
people logging on to enterprise systems may be giving hackers access to
an entire corporate database.
Insider Threats
 Mobile devices can also facilitate threats from employees and other
insiders.
 Malicious insiders can use a smartphone to misuse or misappropriate
data by downloading large amounts of corporate information to the
device’s secure digital (SD) flash memory card, or by using the device
to transmit data via email services to external accounts.
 The downloading of applications can also lead to unintentional threats.
 The misuse of personal cloud services through mobile applications is
another issue; when used to convey enterprise data, these applications
can lead to data leaks that the organization remains entirely unaware
of.
 Many device users remain unaware of threats, and the devices
themselves tend to lack basic tools that are readily available for other
platforms, such as anti-virus, anti-spam, and endpoint firewalls.
Policy making efforts
 Organization needs to establish security practice subject to
legal and external constraints
 Policy making effort starts with the commitment of CEO,
president or Director who takes cybersecurity seriously
 Mobile devices of the employees should be registered in the
corporate asset register
 Close monitoring of these devices
 Physical access to corporate resources must be removed
from mobile devices before the employee leaves
 Employees register their device with the IT department: to
control the access
Unconventional/ Stealth Storage
devices
 Secondary storage devices
 CDs
 USBs
 Portable external hard disks
 Portable storage devices can be easily lost or stolen.
 Decrease in size and emerge in new shape and sizes – difficult to
detect
 Prime challenge for organizational security
 Firewalls and antivirus software are no defense against the open
USB ports
 Remedy- block these ports, but Windows OS do not support
 Disgruntled employee can use these to download confidential
data or upload harmful virus
Devicelock software
 DeviceLock provides network administrators the
ability to set and enforce contextual policies for how,
when, where to, and by whom data can or can’t be
moved to or from company laptops or desktop PCs via
devices like phones, digital cameras, USB sticks,
CD/DVD-R, tablets, printers or MP3 players.
 In addition, policies can be set and enforced for copy
operations via the Windows Clipboard, as well as
screenshot operations on the endpoint computer.
Stealth storage devices
3. Threats through lost and stolen devices
4. Protecting data on lost devices
 Encrypting sensitive data
 Encrypting entire file system
 Encrypting servers: third party solutions
 Create a database action to delete the entire data on
the user’s device
 5. Educating the Laptop users
 No free downloads
 Illegal music files and movies
 86% employees do this
3.10 Organizational measures for handling mobile
devices- related security issues
 In this section, we discuss what organizations can do
toward safeguarding their information systems in the
mobile computing paradigm.
 Encrypting organizational databases.
 Including mobile devices in security strategy.
3.11 Organizational Security Policies
And Measures In Mobile Computing
 3.11.1. Importance Of Security Policies Relating To
Mobile Computing Devices.
 3.11.2. Operating Guidelines For Implementing Mobile
Devices Security Policies.
 3.11.3. Organizational Policies For The Use Of Mobile
Hand – Held Devices