MODULE 2

CYBERCRIMES: MOBILE AND WIRELESS

INTRODUCTION. Why should mobile devices be protected? Every day, mobile devices are
lost, stolen, and infected. Mobile devices can store important business and
personal information, and are often be used to access University systems, email, banking

Proliferation of mobile and wireless devices:

⚫ people hunched over their smartphones or tablets in cafes, airports, supermarkets
and even at bus stops, seemingly oblivious to anything or anyone around them.
⚫ They play games, download email, go shopping or check their bank balances on the
go.
They might even access corporate networks and pull up a document or two on their mobile
gadgets
Today, incredible advances are being made for mobile devices. The trend is for smaller
devices and more processing power. A few years ago, the choice was between a wireless
phone and a simple PDA. Now the buyers have a choice between high-end PDAs with
integrated wireless modems and small phones with wireless Web-browsing capabilities. A
long list of options is available to the mobile users. A simple hand-held mobile device
provides enough computing power to run small applications, play games and music, and
make voice calls. A key driver for the growth of mobile technology is the rapid growth of
business solutions into hand-held devices.
As the term "mobile device" includes many products. We first provide a clear distinction
among the key terms: mobile computing, wireless computing and hand-held devices. Figure
below helps us understand how these terms are related. Let us understand the concept of
mobile computing and the various types of devices.

Mobile computing is "taking a computer and all necessary files and software out into the
field." Many types of mobile computers have been introduced since 1990s. They are as
follows:
1. Portable computer: It is a general-purpose computer that can be easily moved from one
place to another, but cannot be used while in transit, usually because it requires some
"setting-up" and an AC power source.

CYBER Page 1
SECURITY
2. Tablet PC: It lacks a keyboard, is shaped like a slate or a paper notebook and has features
of a touchscreen with a stylus and handwriting recognition software. Tablets may not be best
suited for applications requiring a physical keyboard for typing, but are otherwise capable of
carrying out most tasks that an ordinary laptop would be able to perform.
3. Internet tablet: It is the Internet appliance in tablet form. Unlike a Tablet PC, the Internet
tablet does not have much computing power and its applications suite is limited. Also it
cannot replace a general-purpose computer. The Internet tablets typically feature an MP3 and
video player, a Web browser, a chat application and a picture viewer.
4. Personal digital assistant (PDA): It is a small, usually pocket-sized, computer with
limited functionality. It is intended to supplement and synchronize with a desktop computer,
giving access to contacts, address book, notes, E-Mail and other features.
5. Ultramobile (PC): It is a full-featured, PDA-sized computer running a general-purpose
operating system (OS).
6. Smartphone: It is a PDA with an integrated cell phone functionality. Current
Smartphones have a wide range of features and installable applications.
7. Carputer: It is a computing device installed in an automobile. It operates as a wireless
computer, sound system, global positioning system (GPS) and DVD player. It also contains
word processing software and is Bluetooth compatible.
8. Fly Fusion Pentop computer: It is a computing device with the size and shape of a pen. It
functions as a writing utensil, MP3 player, language translator, digital storage device and
calculator.
Trends in Mobility:
Mobile computing is moving into a new era, third generation ( 3G), which promises greater
variety in applications and have highly improved usability as well as speedier networking.
"iPhone" from Apple and Google-led "Android" phones are the best examples of this trend
and there are plenty of other developments that point in this direction. This smart mobile
technology is rapidly gaining popularity and the attackers (hackers and crackers) are among
its biggest fans.
It is worth noting the trends in mobile computing; this will help readers to readers to realize
the seriousness of cybersecurity issues in the mobile computing domain. Figure below shows
the different types of mobility and their implications.

CYBER Page 2
SECURITY
The new technology 3G networks are not entirely built with IP data security. Moreover, IP
data world when compared to voice-centric security threats is new to mobile operators. There
are numerous attacks that can be committed against mobile networks and they can originate
from two primary vectors. One is from outside the mobile network - that is, public Internet,
private networks and other operator's networks - and the other is within the mobile networks-
that is, devices such as data-capable handsets and Smartphones, notebook computers or even
desktop computers connected to the 3G network.
Popular types of attacks against 3G mobile networks are as follows:
1. Malwares, viruses and worms: Although many users are still in the transient process of
switching from 2G,2.5G2G,2.5G to 3G,3G, it is a growing need to educate the community
people and provide awareness of such threats that exist while using mobile devices. Here are
few examples of malware(s) specific to mobile devices:
 Skull Trojan: I targets Series 60 phones equipped with the Symbian mobile OS.
 Cabir Worm: It is the first dedicated mobile-phone worm infects phones running on
Symbian OS and scans other mobile devices to send a copy of itself to the first
vulnerable phone it finds through Bluetooth Wireless technology. The worst thing
about this worm is that the source code for the Cabir-H and Cabir-I viruses is
available online.
 Mosquito Trojan: It affects the Series 60 Smartphones and is a cracked version of
"Mosquitos" mobile phone game.
 Brador Trojan: It affects the Windows CE OS by creating a svchost. exe file in the
Windows start-up folder which allows full control of the device. This executable file
is conductive to traditional worm propagation vector such as E-Mail file attachments.
 Lasco Worm: It was released first in 2005 to target PDAs and mobile phones running
the Symbian OS. Lasco is based on Cabir's source code and replicates over Bluetooth
connection.

2. Denial-of-service (DoS): The main objective behind this attack is to make the system
unavailable to the intended users. Virus attacks can be used to damage the system to make the
system unavailable. Presently, one of the most common cyber security threats to wired
Internet service providers (iSPs) is a distributed denial-of-service (DDos) attack .DDoS

CYBER Page 3
SECURITY
attacks are used to flood the target system with the data so that the response from the target
system is either slowed or stopped.
3. Overbilling attack: Overbilling involves an attacker hijacking a subscriber's IP address
and then using it (i.e., the connection) to initiate downloads that are not "Free downloads" or
simply use it for his/her own purposes. In either case, the legitimate user is charged for the
activity which the user did not conduct or authorize to conduct.
4. Spoofed policy development process (PDP): These of attacks exploit the vulnerabilities
in the GTP [General Packet Radio Service (GPRS) Tunneling Protocol].
5. Signaling-level attacks: The Session Initiation Protocol (SIP) is a signaling protocol used
in IP multimedia subsystem (IMS) networks to provide Voice Over Internet Protocol (VoIP)
services. There are several vulnerabilities with SIP-based VolP systems.

Credit Card Frauds in Mobile and Wireless Computing Era:

These are new trends in cybercrime that are coming up with mobile computing - mobile
commerce (M-Commerce) and mobile banking (M-Banking). Credit card frauds are now
becoming commonplace given the ever-increasing power and the ever-reducing prices of the
mobile hand-held devices, factors that result in easy availability of these gadgets to almost
anyone. Today belongs to "mobile compüting," that is, anywhere anytime computing. The
developments in wireless technology have fuelled this new mode of working for white collar
workers. This is true for credit card processing too; wireless credit card processing is a
relatively new service that will allow a person to process credit cards electronically, virtually
anywhere. Wireless credit card processing is a very desirable system, because it allows
businesses to process transactions from mobile locations quickly, efficiently and
professionally. It is most often used by businesses that operate mainly in a mobile
environment

There is a system available from an Australian company "Alacrity" called closed-loop

environment for for wireless (CLEW). Figure above shows the flow of events with CLEW
which is a registered trademark of Alacrity used here only to demonstrate the flow in this
environment.

As shown in Figure, the basic flow is as follows:

1. Merchant sends a transaction to bank
2. The bank transmits the request to the authorized cardholder
3. The cardholder approves or rejects (password protected)

CYBER Page 4
SECURITY
 4. The bank/merchant is notified
5. The credit card transaction is completed.

Security Challenges Posed by Mobile Devices:

Mobility brings two main challenges to cybersecurity: first, on the hand-held devices,
information is being taken outside the physically controlled environment and second remote
access back to the protected environment is being granted. Perceptions of the organizations to
these cybersecurity challenges are important in devising appropriate security operating
procedure. When people are asked about important in managing a diverse range of mobile
devices, they seem to be thinking of the ones shown in below figure.
As the number of mobile device users increases, two challenges are presented: one at the
device level called "micro challenges" and another at the organizational level called "macro-
challenges."
Some well-known technical challenges in mobile security are: managing the registry settings
and configurations, authentication service security, cryptography security, Lightweight
Directory Access Protocol (LDAP) security, remote access server (RAS) security, media
player control security, networking application program interface (API), security etc.

Registry Settings for Mobile Devices:

Let us understand the issue of registry settings on mobile devices through an example:
Microsoft Activesync is meant for synchronization with Windows-powered personal
computers (PCs) and Microsoft Outlook. ActiveSync acts as the "gateway between
Windows-powered PC and Windows mobile-powered device, enabling the transfer of
applications such as Outlook information, Microsoft Office documents, pictures, music,
videos and applications from a user's desktop to his/her device.
In addition to synchronizing with a PC, ActiveSync can synchronize directly with the
Microsoft exchange server so that the users can keep their E-Mails, calendar, notes and
contacts updated wirelessly when they are away from their PCs. In this context, registry
setting becomes an important issue given the ease with which various applications allow a
free flow of information.

Authentication Service Security:

There are two components of security in mobile computing: security of devices and security
in networks. A secure network access involves authentication between the device and the
base stations or Web servers. This is to ensure that only authenticated devices can be

CYBER Page 5
SECURITY
connected to the network for obtaining the requested services. No Malicious Code can
impersonate the service provider to trick the device into doing something it does not mean to.
Thus, the networks also play a crucial role in security of mobile devices.
Some eminent kinds of attacks to which mobile devices are subjected to are: push attacks,
pull attacks and crash attacks.
Authentication services security is important given the typical attacks on mobile devices
through wireless networks: Dos attacks, traffic analysis, eavesdropping, man-in-the-middle
attacks and session hijacking. Security measures in this scenario come from Wireless
Application Protocols (WAPs), use of VPNs, media access control (MAC) address filtering
and development in 802.xx standards.

Attacks on Mobile-Cell Phones:

 Mobile Phone Theft:
Mobile phones have become an integral part of everbody's life and the mobile phone has
transformed from being a luxury to a bare necessity. Increase in the purchasing power and
availability of numerous low cost handsets have also lead to an increase in mobile phone
users. Theft of mobile phones has risen dramatically over the past few years. Since huge
section of working population in India use public transport, major locations where theft
occurs are bus stops, railway stations and traffic signals.
The following factors contribute for outbreaks on mobile devices:
1. Enough target terminals: The first Palm OS virus was seen after the number of Palm
OS devices reached 15 million. The first instance of a mobile virus was observed during
June 2004 when it was discovered that an organization "Ojam" had engineered an
antipiracy Trojan virus in older versions of their mobile phone game known as Mosquito.
This virus sent SMS text messages to the organization without the users' knowledge.
2. Enough functionality: Mobile devices are increasingly being equipped with office
functionality and already carry critical data and applications, which are often protected
insufficiently or not at all. The expanded functionality also increases the probability of
malware.
3. Enough connectivity: Smartphones offer multiple communication options, such as
SMS, MMS, synchronization, Bluetooth, infrared (IR) and WLAN connections.
Therefore, unfortunately, the increased amount of freedom also offers more choices for
virus writers.

 Mobile - Viruses
 Concept of Mishing
 Concept of Vishing
 Concept of Smishing
 Hacking - Bluetooth

Organizational security Policies and Measures in Mobile Computing Era:

Proliferation of hand-held devices used makes the cybersecurity issue graver than what we
would tend to think. People have grown so used to their hand-helds they are treating them
like wallets! For example, people are storing more types of confidential information on
mobile computing devices than their employers or they themselves know; they listen to music
using their-hand-held devices.One should think about not to keep credit card and bank

CYBER Page 6
SECURITY
account numbers, passwords, confidential E-Mails and strategic information about
organization, merger or takeover plans and also other valuable information that could impact
stock values in the mobile devices. Imagine the business impact if an employee's USB,
pluggable drive or laptop was lost or stolen, revealing sensitive customer data such as credit
reports, social security numbers (SSNs) and contact information.
Operating Guidelines for Implementing Mobile Device Security Policies
In situations such as those described above, the ideal solution would be to prohibit all
confidential data from being stored on mobile devices, but this may not always be practical.
Organizations can, however, reduce the risk that confidential information will be accessed
from lost or stolen mobile devices through the following steps:
1. Determine whether the employees in the organization need to use mobile computing
devices at all, based on their risks and benefits within the organization, industry and
regulatory environment.
2. Implement additional security technologies, as appropriate to fit both the organization
and the types of devices used. Most (and perhaps all) mobile computing devices will
need to have their native security augmented with such tools as strong encryption,
device passwords and physical locks. Biometrics techniques can be used for
authentication and encryption and have great potential to eliminate the challenges
associated with passwords.
3. Standardize the mobile computing devices and the associated security tools being
used with them. As a matter of fundamental principle, security deteriorates quickly as
the tools and devices used become increasingly disparate.
4. Develop a specific framework for using mobile computing devices, including
guidelines for data syncing, the use of firewalls and anti-malware software and the
types of information that can be stored on them.
5. Centralize management of your mobile computing devices. Maintain an inventory so
that you know who is using what kinds of devices.,
6. Establish patching procedures for software on mobile devices. This can often be
simplified by integrating patching with syncing or patch management with the
centralized
7. Provide education and awareness training to personnel using mobile devices. People
cannot be expected to appropriately secure their information if they have not been told
how.

Organizational Policies for the Use of Mobile Hand-Held Devices

There are many ways to handle the matter of creating policy for mobile devices. One way is
creating distinct mobile computing policy. Another way is including such devices existing
policy. There are also approaches in between where mobile devices fall under both existing
policies and a new one.In the hybrid approach, a new policy is created to address the specific
needs of the mobile devices but more general usage issues fall under general IT policies. As a
part of this approach, the "acceptable use" policy for other technologies is extended to the
mobile devices.
Companies new to mobile devices may adopt an umbrella mobile policy but they find over
time the the they will need to modify their policies to match the challenges posed by different
kinds of mobile hand-held devices. For example, wireless devices pose different challenges
than non-wireless Also, employees who use mobile devices more than 20%% of the time will
have different requirements than less-frequent users. It may happen that over time, companies
may need to create separate policies for the mobile devices on the basis of whether they
connect wirelessly and with distinctions for devices that connect to WANs and LANs .

CYBER Page 7
SECURITY
Concept of Laptops:
As the price of computing technology is steadily decreasing, usage of devices such as the
laptops is becoming more common. Although laptops, like other mobile devices, enhance the
business functions owing to their mobile access to information anytime and anywhere, they
also pose a large threat as they are portable Wireless capability in these devices has also
raised cyber security concerns owing to the information being transmitted over other, which
makes it hard to detect.
The thefts of laptops have always been a major issue, according to the cybersecurity industry
and insurance company statistics. Cybercriminals are targeting laptops that are expensive, to
enable them to fetch a quick profit in the black market. Very few laptop. thieves. are actually
interested in the information that is contained in the laptop. Most laptops contain personal
and corporate information that could be sensitive..
Physical Security Countermeasures
Organizations are heavily dependent upon a mobile workforce with access to information, no
matter where they travel. However, this mobility is putting organizations at risk of having a
data breach if a laptop containing sensitive information is lost or stolen. Hence, physical
security countermeasures are becoming very vital to protect the information on the employees
laptops and to reduce the likelihood that employees will lose laptops.
1. Cables and hardwired locks: The most cost-efficient and ideal solution to safeguard any
mobile device is securing with cables and locks, specially designed for laptops. Kensington
cables are one of the most popular brands in laptop security cable. These cables are made of
aircraft-grade steel and Kevlar brand fiber, thus making these cables 40%% stronger than any
other conventional security cables. One end of the security cable is fit into the universal
security slot of the laptop and the other end is locked around any fixed furniture or item, thus
making a loop. These cables come with a variety of options such as number locks, key locks
and alarms.

2. Laptop safes: Safes made of polycarbonate - the same material that is used in bulletproof
windows, police riot shields and bank security screens-can be used to carry and safeguard the
laptops. The advantage of safes over security cables is that they protect the whole laptop and
its devices such as CD-ROM bays, PCMCIA cards and HDD bays which can be easily
removed in the case of laptops protected by security cables.
3. Motion sensors and alarms: Even though alarms and motion sensors are annoying owing
to their false alarms and loud sound level, these devices are very efficient in securing laptops.
Once these devices are activated, they can be used to track missing laptops in crowded
places. Also owing to their loud nature, they help in deterring thieves. Modern systems for
laptops are designed wherein the alarm device attached to the laptop transmits radio signals to
a certain range around the laptop.
4. Warning labels and stamps: Warning labels containing tracking information and
identification details can be fixed onto the laptop to deter aspiring thieves. These labels
cannot be removed easily and are a low-cost solution to a laptop theft. These labels have an
identification number that is stored in a universal database for verification, which, in turn
makes the resale of stolen laptops a difficult process. Such labels are highly recommended for
the laptops issued to top executives and/or key employees of the organizations.
5. Other measures for protecting laptops are as follows:
 Engraving the laptop with personal details
 Keeping the laptop close to oneself wherever possible

CYBER Page 8
SECURITY
  Carrying the laptop in a different and unobvious bag making it unobvious to potential
thieves
 Creating the awareness among the employees to understand the responsibility of
carrying a laptop and also about the sensitivity of the information contained in the
laptop
 Making a copy of the purchase receipt, laptop serial number and the description of the
laptop
 Installing encryption software to protect information stored on the laptop
 Using personal firewall software to block unwanted access and intrusion
 Updating the antivirus software regularly
 Tight office security using security guards and securing the laptop by locking it down
in lockers when not in use
 Never leaving the laptop unattended in public places such as the car, parking lot,
conventions, conferences and the airport until it is fitted with an anti theft device;
 Disabling IR ports and wireless cards and removing PCMCIA cards when not in use.
Information systems security also contains logical access controls. This is because,
information, be it corporate or private, needs high security as it is the most important asset of
an organization or an individual. A few logical or access controls are as follows:
1. Protecting from malicious programs/attackers/social engineering.
2. Avoiding weak passwords/ access.
3. Monitoring application security and scanning for vulnerabilities.
4. Ensuring that unencrypted data/unprotected file systems do not pose threats.
5. Proper handing of removable drives/storage mediums /unnecessary ports.
6. Password protection through appropriate passwords rules and use of strong
passwords.
7. Locking down unwanted ports/devices.
8. Regularly installing security patches and updates.
9. Installing antivirus software/firewalls / intrusion detection system (IDSs).
10. Encrypting critical file systems.

CYBER Page 9
SECURITY