Russian hacking highlights need for greater mobile device security
Most organizations have no form of mobile device detection or monitoring to warn them that they have been compromised. This makes the target that much easier for the hacker to compromise. Hackers work on the basis of absolute anonymity. In fact, they are much more likely to abandon an attack than to reveal their identity. It is incredibly important for us to understand that they are not going to let us know that they’re performing a nefarious action on a device. They continue to do it in stealth until they succeed.
Mobile devices reveal their location and aggressively connect to cell towers and Wi-Fi connections that may be malicious. This built-in phone feature is abused by hackers to get your device to connect to their network. In the case of this incident, Russia allegedly put telecom equipment on drones and flew them near NATO servicemen. But don’t be distracted. While those James Bond-esque techniques are exciting, the more important parts of the attack include off-the-shelf, easily purchased rogue access points, proving again how simple mobile attacks are to conduct.
For most of us, the hacker would now know who we are, who our contacts are, and who is in proximity to us, and could do things like listen in on our conversations, steal contacts and emails, take pictures, decrypt network traffic, and make transactions using our phone.
This scenario is much like a banking Trojan where malware attacks an app on the phone and makes transactions using the compromised phone. When you apply this capability to a mobile device with sensitive NATO data and apps, you can see the damage potential that exists when phones are out, exposed, and being silently compromised.
Both the assets on the phone and access on the phone are prime hacker targets. This is extremely dangerous. A few examples of actions hackers commonly take:
- Weaponizing the phone, not only by compromising the phone and the apps on it and turning it into a surveillance tool, but also by corrupting systems on the backend.
- Installing a RAT (remote access tool). A hacker can compromise a mobile device and install a RAT while it’s out in the wild. Then the unsuspecting phone owner walks it right into, for example, a NATO office. It is now a weapon designed to carry out activities on behalf of the hacker. And no one knows because, unlike with physical security measures, there is no sensor or wand to ID a phone as a weapon.
To put the problem in perspective, anecdotally, we have heard that there are approximately 200,000 cyber warfare soldiers in China alone — with cybercriminals globally setting their sights on targets that certainly include mobile devices. Given the reality that mobile devices are the most vulnerable computing devices, clearly, this is an issue that requires attention.