Like any data communication network, mobile networks contain a range of security threats. Though some threats are easy to identify and mitigate, the unique structure and complexity of mobile networks makes security threats elusive. In the past, mobile networks enjoyed the privileges of a “Walled Garden” – a closed, isolated ecosystem – under the full control of mobile carriers that used proprietary protocols and had minimal security risks due to restricted user access. They developed their own technologies, standards and interface systems, and were rewarded with security through carefully constructed obscurity. With the introduction of 4G, Long Term Evolution (LTE) and the IEEE standardization of mobile networks, the secure “Walled Garden” days are over.read more
After reading this article and piecing through the motivations of the hactivist group illustrated in the story, I couldn’t help but think how the world of an information security professional is changing.read more
Black Hat has come and gone again, the swag has been dispersed, the livers are recovering and delegates are returning to their normal lives with new ideas and newfound fears. My colleagues will be reporting on their findings, but I wanted to just touch on a few highlights of the conference, some sadness and talk about the value of research.read more
Distributed Denial of Service (DDoS) is unique in the sense that these attacks actually consist of many legitimate individual requests. It is only the large volume of simultaneous requests that turns those legitimate requests into an attack. Consequently, one of the biggest challenges in mitigating DDoS attacks is distinguishing between malicious and legitimate traffic.read more
Last night, the Wall Street Journal ran a story around the Food and Drug Administration’s (FDA) warning to makers of medical devices that the gear they’re producing is at risk of being infected with computer viruses that can endanger patients.read more
This past weekend, Security Week ran a byline I wrote regarding Long Term Evolution (LTE).
Although this brings the promise of relieving traffic jams for mobile operators, it also brings new security risks. As traffic generated by smartphones grow, LTE networks’ fast mobile broadband will assist handling the increased traffic.
However, mobile operators will have to learn how to handle the new threats. New Advanced Persistent Threats (APT) are emerging and mobile carriers and mobile user will find themselves struggling with similar APTs that we see at Enterprises today. For Long Term Evolution networks not to fall short on security, mobile operators must realize the increased threats from malware, fraud, distributed denial of service (DDoS) attacks and many other attacks, and adopt more comprehensive and innovative security strategies.
Although LTE, which is commonly referred as mobile network 4th generation (4G), provides a solid infrastructure to deliver advanced, content-rich applications in real-time, I discuss a few security challenges that should be addressed in order to protect the network from overload and declining quality of service.
The article can be found here. I invite you to read it, and feel free to share any comments or questions you may have for me.read more