Gee, even the tools that update your smartphone’s operating system over the air have holes that hackers can slip into.
The open mobile alliance device management (OMA-DM) protocol is used by around a hundred smartphone companies to release software updates and conduct network administration. And that’s what they say where the problem lies.
A hacker must know the handset’s distinct international mobile station equipment identity (IMEI) number, plus a secret token, to take remote control. It’s not difficult to obtain the IMEI number or the secret token of the company, thanks to lax networks and vulnerable operating system versions.
Researchers discovered they could easily upload code to a phone after following a WAP message from a base station, then proceed like a hacker would.
Another experiment showed that a fake femtocell could be used to get into BlackBerry, Android and some iOS devices by using weak security protocols. Participants turned off their smartphones and set the femtocell to its lowest power setting. The researchers still managed to pick up over 70 handsets.
They found that Android was the most vulnerable, along with BlackBerry. iOS was tougher to crack, but some devices that were run by Sprint were vulnerable.
Another flaw was that devices could be tricked into checking on their OMA-DM servers; the connections had http instead of https.
The researchers reported that most of the manufacturers and carriers had fixed the OMA-DM systems—most, not all.
What are the network threats?
Hackers practically have the cyberworld at their fingertips, able to attack in so many ways, using so many methods, from apps to users, users to users, and various machines to machines. Hackers don’t just want to access data; they want to manipulate it.
4G refers to fourth generation network, succeeding 3G to offer the fastest speed for wireless activity. The protocol for 4G, however, is flawed, allowing for weakening of the protection for phones and their networks.
The hacker would go right for mobile networks to get simpler, wider entry points. Networks for mobile devices, thus, need to be toughened up. If a smartphone is infected, it will be able to target and scan other smartphones within its proximity (since 4G is IP based), all while the carrier has no clue.
The hacker could infiltrate a desired network, access the 4G network, then have a nice, easy launching pad for the crime.
If a hacker uses weak wireless APN connections for his activities, this forces the smartphones in use to rely upon an ongoing network connection. This will make batteries wear out faster. Furthermore, jammed-up signals may lead to denial of service.
One way to protect wireless networks is by using Hotspot Shield to override any insecurities of open free WiFi and to help protect from some of 4Gs failings.
With the fast speed that stands to come with 4G are also weak security levels and lame network structures. Users will not appreciate this price, and mobile operators will need to step quite a bit up on security tactics for keeping hackers out.
Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Cellular Base Station Range Extenders Vulnerable to Attack
Low-powered cellular base stations are often found in residential homes and small businesses where mobile coverage is scant. The device, which also known as a femtocell, connects to DSL or cable connections and extends cellular coverage to a functional level where cell towers simply don’t reach. Some cellular base stations can accommodate up to 16
- What is Wardriving?
Wireless networks have certainly brought a lot of convenience to our lives, allowing us to work and surf from almost anywhere—home, cafes, airports and hotels around the globe. But unfortunately, wireless connectivity has also brought convenience to hackers because it gives them the opportunity to capture all data we type into our connected computers and
- The Rise of Smartphones
More consumers than ever before are buying smartphones. A smartphone is an Internet-enabled mobile phone with the ability to purchase and run applications. Smartphones are generally equipped with voice, data, Wi-Fi, Bluetooth, and GPS functions. Operating systems include Google’s Android, Apple’s iOS and Windows’ Mobile 7. Most function on a 3G wireless connection and can
- Crack Your WiFi Password To Protect Yourself
Ever wanted to be a hacker? Today, anyone can learn code and understand the ins and outs of all the technology we are simultaneously blessed and cursed with. But once you know how all this technology works to the point of calling yourself a hacker (which, by the way, isn’t necessarily a bad word), then
- New Mobile Security App for Android Smartphones
Consumers with smartphones understand they are carrying around the functions of a computer, but most users are unaware that smartphones are susceptible to the same security threats that plague laptops and desktops. As more online retailers introduce mobile e-commerce applications, criminal hackers are taking notice. Existing mobile operating systems are under attack and, like standard PC