Top Things Your Service Provider Needs to Know About Security

0
66

So far, when one mentioned mobile security, it meant two possible security attack vectors. They were either attacks at the network perimeter – such as high-volume Denial of Service (DoS) attacks at the network level – or attacks at the critical-infrastructure level (RADIUS, Diameter, LDAP servers, etc.) – which means targeted DNS or HTTP traffic attacks. Well, the mobile security landscape is now changing, introducing a new attack vector – mobile clients!

With the recent advancements of both 3G mobile networks and smart-phones (read: iPhone/Android devices), any mobile user has mobile broadband connectivity and enjoys an open OS with many downloadable applications – that can be also mobile attack tools. The combination of these presents a new reality; a reality in which virtually any mobile user can become a potential attacker! The result – as you can guess by now – mobile operators are increasingly getting concerned about that.

Probably the most interesting fact to point out is that this new breed of mobile attacks is omni-directional, i.e. mobile to network, network to mobile (often initially triggered by a mobile attacker) as well as mobile to mobile (M2M). M2M attacks are the trickiest; as the mobile attacker will exploit the mobile core network resources and use its services (SMS, MMS, sending data, etc.) to attack other clients on its network. The impact of hand-held mobile device as a source or destination for attacks may vary from just annoying battery draining attacks to network paging overflow attacks, resulting in network disruption. But they can also include a complete mobile network breakdown. This could definitely make one quite nervous, huh?

From the mobile operator angle, it is essential to deploy the full means of protection against such multi-vector attacks, by utilizing a security attack mitigation solution that will defend not only the mobile network, but also its clients at the perimeter, critical infrastructure level and mobile device layers. Specifically, it is cruicial to detect on-the-fly “mis-behaving users” that can potentially become concrete attackers.

So next time your iPhone battery starts to drain too quickly, unless you downloaded some battery-intensive application (which is a totally different probelm…) – your mobile device might just be under attack!

Until next time,

Nir

Previous articleVMware Forum 2011: Debating Virtual Application Delivery Controller
Next article5 Tips to Ease IPv6 Migration
Nir Ilani owns the global product strategy and practices of Radware’s Cloud Security services including Cloud DDoS Protection, Cloud WAF and Cloud Acceleration. He has over two decades of diverse engineering and product management experience including managing the design, development and release of industry-leading, high-scale solutions. Nir is an expert in Cloud Computing, Cyber Security, Big Data and Networking technologies, and a frequent speaker in technology events. Nir holds a Bachelor in Computer Science and Business Administration as well as MBA, both from Tel-Aviv University. Nir writes about trends, technological evolution and economic impact related to Cloud, Security and everything in between.

LEAVE A REPLY

Please enter your comment!
Please enter your name here