Guardian Solution's Website Design & Online Marketing Blog

Website Design, Google's Algorithms, Online Marketing change at a rapid pace. And, cybersecurity is more important than ever. Keep up to date with the latest changes here on our blog.
Font size: +
2 minutes reading time (397 words)

Your Cell Phone might be talking to the wrong people..

b2ap3_thumbnail_cel_hack.png

Did you know?... hackers have gone to new levels as of late in the evil quest to steal your personal information.  In a spin of the 'Man In The Middle' attack, hackers are setting up temporary powerful cell phone relays that act like a cell tower.  Most phones are indiscriminate when associating to a new tower and base its connection not on trust, rather the strength and carrier the tower provides.  If you think you or your phone would know the difference, think again. 

If your phone connects to one of these fake towers, the attackers see all unencrypted traffic that passes over your phone.  The information gleaned can be used attack your phone in a more direct manner later. 

An example of this:  The attacker sits in the corner of Starbucks Coffee every night.  In his backpack he carries a small antennae that is throwing a powerful cell signal.  To all the customers phones sitting in the cafe', that is the strongest tower around and automatically associate with it.  The attacker sits quietly sipping his coffee reading a book, giving no outward sign that the small device in his backpack is snarfing gigabytes of data.  Later that night he goes through the information he gathered.  He prepares crafted attacks against several phones which are running services or application which put them more at risk.  For several others he sees a pattern of unsafe browsing and activity, such as reading email when on public wi-fi.  For those he crafts more specific attacks.  Over the next week, he returns to the Starbucks, this time with laptop running a script that looks for the same cell phones.  If one of the phones from the initial recon associates to his fake cell tower, or even gets on the public wi-fi, his script executes automatically and installs itself on the phone.  Now that he has the phone, it will most likely move to the personal computer and any other computer to which the phone links at any point in the future. 

Android developers has recognized this threat and are working on developing an app which validates the security of a tower before associating.  Be sure to check for new software regularly and keep your phone and computers updated.  If you have further concerns or wish to talk about implementing a BYOD (bring your own device) security policy, call us today, 719.749.1112

Tweet
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

Yahoo Passwords Compromised
Verizon Customers Beware
COOKIE NOTICE:

Guardians Solutions LLC uses cookies to provide necessary website functionality, improve your experience and analyze our traffic. By using our website, you agree to our legal policies.