BlackBerry and Brethren Carry Security Bull's-eyeBy Matt Hines | Posted 2006-08-17 Email Print
The security researcher who released a BlackBerry Attack Toolkit said that many companies using Research In Motion's handhelds may not be adequately protected, and that other network-connected wireless systems may be easy marks for similar threats.
Companies who have not appropriately applied Research In Motion's security protections for its BlackBerry communications system are vulnerable to outside attacks based on malware code released mid-August by researchers, and the threat illustrates a wider issue with always-on wireless applications, analysts say.
Jesse D'Aguanno, director of professional services and research at consultant Praetorian Global, Placerville, Calif., published his BlackBerry Attack Toolkit on Aug. 16 after first showing off the software at the DefCon reverse engineering convention held in Las Vegas earlier in August.
While companies that have aggressively exercised RIM's security features for its back-end BlackBerry servers should be immune to attacks based on the code, D'Aguanno said, many users of the ubiquitous wireless communication devices remain vulnerable.
"Many of the BlackBerry deployments we see are insecurely deployed and vulnerable to this sort of attack," said D'Aguanno.
"By releasing the code we're trying to make people understand the potential risks; there's a need to realign people's thinking as far as portable device security, along with making administrators realize they can't just put something like this on a network without understanding the security implications first."
In his presentation at DefCon, the researcher highlighted the ability of the hacking program, dubbed BBProxy, to be installed on a BlackBerry device or sent as an e-mail attachment to an unsuspecting user.
If levied against ill-prepared BlackBerry servers, the attack opens a covert communications channel with the RIM infrastructure by bypassing gateway security controls installed between the hacker and the inside of the victims' network, D'Aguanno said.
Because the communications channel between the BlackBerry server and any connected handheld devices is encrypted and cannot be scoured by most network intrusion detection tools, unsuspecting administrators could overlook the exploit, which could be used to steal private information or deliver other forms of malware.
Next Page: Other wireless systems.