YOU ARE AT:DevicesEMEA: LTE hacks, fake BTS and games that steal your secrets

EMEA: LTE hacks, fake BTS and games that steal your secrets

Claudia Bacco, Managing Director – EMEA for RCR Wireless News, has spent her entire career in telecom, IT and security. Having experience as an operator, software and hardware vendor and as a well-known industry analyst, she has many opinions on the market. She’ll be sharing those opinions along with ongoing trend analysis for RCR Wireless News.

It’s enough to make you crawl back under the covers and never leave the house, much less the safety of your warm duvet. Luckily, Nokia has solutions available that let mobile network operators keep their subscribers’ content safe. Recently I visited the new Nokia Security Center in Berlin and got to see some of these solutions firsthand.

Mobile GuardMobile Guard is the first solution to consider. This hacking scenario is aimed at Android users and the statistics are pretty staggering. According to information provided by Nokia, 92% of all infected mobile devices are Android based, up from 47% in 2012. By 2017, it is predicted that 1 billion Android devices will ship and today there are already 500 third-party Android app stores that are actually providing malicious applications when downloaded. The Mobile Guard solution can protect your content if you happen to download one of these malicious applications, even without anti-virus software on your smartphone. Of course that assumes your mobile operator has deployed this solution in their network. It can identify a problem, notify the user and block all further transactions via the network operator until the situation is resolved. The photo here shows the type of information an operator sees when tracking activities on its network. It shows the number of events, types of malware, destination IP address, smartphone model and severity of the attack. The video below shows how this might transpire through the download of a seemingly safe game.

There are a lot of exciting developments to come with wider deployment of LTE. But we can’t overlook the security challenges that come into play with an all-IP network. Small cells will be everywhere and most likely without the security needed to keep those with malicious intent at bay. In the video below we will see just how easy it is to capture data being transferred via an LTE network by inserting a small device that you can purchase for less than $100. Not only can the data be captured, but the voice discussion taking place as well. Nokia is already working with operators to secure its LTE networks via IPSec tools. You will see in the video, with access to the base station it takes a matter of seconds – not even minutes – to insert a device to capture all transferred data.

China is currently in the lead as having the biggest problem of text message spam from fake base stations. Unfortunately, the scenario is likely coming to a market near you in the not too distant future. So how does this work? “Text-messaging cars” drive through neighborhoods pretending to be a BTS. The mobile phones in the area connect to this infrastructure thinking it is a legitimate BTS. As a result they are blasted with annoying text messages offering services. According to The Economist, in 2013 the residents of China received 300 billion spam text messages or the equivalent of one per day per person. In larger markets, people received about 700 per year equaling about 30% of all text messages they received. In the U.S. the figure is about 20%. Granted, this is highly annoying and costly depending on your phone plan, but what about when these messages become malicious.

The video below walks through the work Nokia is doing to help protect its customers from fake BTS activities. The reality is that although LTE makes this harder, GSM makes it quite easy. Those with malicious intent can use a jammer to force your phone back onto a GSM frequency without you even being aware. There is now a trend where these text messages include links that will deploy malware on your device and allow your information to be stolen when you click on them.

Before you head back under your duvet, there are a few easy steps you can take to safeguard your data:

  • Think twice about storing confidential data and especially passwords on your smartphone
  • Install an anti-virus solution on your smartphone
  • Be diligent in only using reputable Android app stores
  • Treat incoming text messages from unknown senders the same as you would an email from an unknown sender – with caution.

ABOUT AUTHOR

Claudia Bacco
Claudia Bacco
Contributing Writercbacco@rcrwireless.com Originally from Boston, now living in Munich, Germany, Claudia Bacco has a wealth of corporate marketing, branding and positioning experience within technology companies such as Nokia Networks, Juniper Networks, Verizon and AGT International. Claudia has also worked as a consultant advising organizations on their strategic messaging and positioning needs. As a former industry analyst, she worked with startups being a member of their advisory boards during their funding and market launch activities.