Cybercrime: Mobile and Wireless Devices: By: Gurwinder Singh Jatana

The document discusses security challenges posed by mobile devices and wireless technologies, including types of mobile viruses, credit card fraud techniques, and attacks like smishing, vishing, and Bluetooth hacking. It provides tips for preventing credit card fraud and outlines security issues posed at both the device level and organizational levels by increased mobile computing and mobility trends.

Uploaded by

Nikhil Chechi
Chapter:3

Cybercrime: Mobile and Wireless Devices

By: Gurwinder Singh Jatana


Objectives

• Understand the security challenges presented by mobile devices and information systems access in the cybercrime world.
• Understand the challenges faced by the mobile workforce and their implications in the cybercrime era.
• Learn about security issues arising from the use of media players.
• Understand the organizational security implications of electronic gadgets and learn what organizational measures need to be implemented to protect information systems from threats in the mobile computing era.
• Understand smishing and mishing attacks in the mobile world.
• Understand security issues due to daily use of removable media.

Mobile Computing

• Taking a computer and all necessary files and software out into the field.
• Examples of mobile computers: laptops, tablets, PDAs, cellphones, smartphones, carputers and pentop computers.

Wireless

• It refers to a method of transferring information between a computing device and a data source without a physical connection.

Mobility Trends

• User Mobility: Access to the same or similar telecommunication services at different places, i.e. the user can be mobile, and the services will follow him or her.

Device Mobility

• The user should be able to move from one device to another and use the same service.
• Example: Sales representatives use their desktop computer at home or in the office. During the day, while they are on the street, they would like to use their palmtop to access the application.

Session Mobility

• Session mobility is the capability that allows a user to transfer an ongoing communication session from one device to another.
• Or: a user session should be able to move from one user-agent environment to another.

Code Mobility

• Code mobility is the ability for running programs, code or objects to be migrated (or moved) from one machine or application to another. This is the process of moving mobile code across the nodes of a network, as opposed to distributed computation, where the data is moved.

Introduction

• In the modern world, the rising importance of electronic gadgets, which have become an integral part of business by providing connectivity with the internet outside the office, brings many challenges in securing these devices from becoming victims of cybercrime.
• Today's smartphones combine the best aspects of mobile and wireless technologies and blend them into a useful business tool.

Mobile Viruses: Cabir (2004)

• It is the first mobile malware and is harmless.
• When a phone is infected with Cabir, the message "Caribe" is displayed on the phone's display, and is displayed every time the phone is turned on.
• It spreads to other phones in the area using wireless Bluetooth signals.

Mobile Viruses: Cabir (2004)

• Target: Symbian OS (Nokia 60 Series phones)
• It replicates but does not perform any other activity. It results in shortened battery life on portable devices due to constant scanning for other Bluetooth-enabled devices.

Mosquito Trojan

• It sends SMS messages with the user's knowledge.
• Target: Symbian OS

Brador

• It works on Windows handheld devices.
• It opens a backdoor which could allow hackers to take remote control of compromised PDAs.
• It does not replicate itself via email.

Ikee

• The first known worm for iOS platforms.
• It only works on devices that have previously been jailbroken, and spreads by trying to access other devices using the SSH protocol.
• Once the device is infected, the wallpaper is replaced by a photograph of the singer Rick Astley.

Lasco

• A worm that spreads over Bluetooth networks.
• Lasco also replicates by searching the infected device for all SIS installation files.
• Slows down phones.

Credit Card Frauds in Mobile and Wireless Computing Era

• These are new cybercrimes that are emerging with mobile computing: mobile commerce (M-Commerce) and mobile banking (M-Banking).
• Today belongs to "mobile computing," that is, anywhere, anytime computing. The developments in wireless technology have fuelled this new mode of working for white-collar workers.
• Wireless credit card processing is a relatively new service that allows a person to process credit cards electronically, virtually anywhere.

Credit Card Frauds in Mobile and Wireless Computing Era

• Wireless credit card processing is a very desirable system, because it allows businesses to process transactions from mobile locations quickly, efficiently and professionally.

Tips to Prevent Credit Card Frauds
Do's

• Put your signature on the card.
• Make a photocopy of both sides of the card and keep it in a safe place.
• Change the default PIN.
• Always carry the contact details of your bank.
• Carry your card in a separate pouch or card holder rather than in your wallet.
• Keep an eye on your card during transactions.
• Report any discrepancy immediately.
• Inform your bank of any change in your contact number.
• Report the loss of your card immediately to your bank and at the police station.

Tips to Prevent Credit Card Frauds
Don'ts

• Store your card number and PIN in your cell phone.
• Lend your card to someone.
• Sign a blank receipt.
• Write your card number/PIN on any paper/phone.
• Give out your account number immediately over the phone.

Types and Techniques of Credit Card Frauds

• Traditional Technique
• Modern Techniques

Traditional Technique

• The traditional and first type of credit card fraud is paper-based fraud, or application fraud, where a criminal uses stolen or fake documents such as utility bills and bank statements that can build up useful Personally Identifiable Information (PII) to open an account in someone else's name.

Modern Techniques

• Sophisticated techniques enable criminals to produce fake and doctored cards.
• Skimming is one such technique, in which the information held on either the magnetic strip or the smart chip is copied from one card to another.

Modern Techniques

• Triangulation: Another method of credit card fraud, which works as follows:
– The criminal offers goods at heavily discounted rates through a website.
– The customer registers on this website with his/her address, shipping address and valid credit card.
– With the information entered by the customer, the criminal shops on other websites.

Modern Techniques

• Credit Card Generators: Another modern technique, in which computer emulation software is used to create valid credit cards with valid numbers, expiry dates, etc.

Security Challenges Posed by Mobile Devices

• There are two types of mobile challenges: one at the device level, called microchallenges, and the other at the organization level, called macrochallenges.
• Some well-known challenges in mobile computing are: managing registry settings and configurations, authentication service security, cryptography security, LDAP, RAS, and media player control security.

Attacks on Mobile Cell Phones

• Mobile Phone Theft
• Mobile Viruses
• Mishing
• Vishing
• Smishing
• Hacking Bluetooth

Mobile Phone Theft

• Mobile phones are becoming expensive and hence increasingly liable to theft. Criminals are interested in accessing wireless service and look for opportunities to steal the ID.
• Keep the following details of your phone:
– Phone number
– Make and model
– Color and appearance
– PIN and security lock code
– IMEI (International Mobile Equipment Identity) number

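
An added example (not part of the original slides): a check an asset register can run on the phone details listed above, so that the IMEI filed with a theft report is well-formed. It assumes the standard 15-digit IMEI with a Luhn check digit; the record layout and field names are hypothetical and the sample records are constructed.

```python
import re

# Fields the slide says to keep for every phone (key names are hypothetical).
REQUIRED = ("phone_number", "make_model", "color", "lock_code", "imei")


def normalize_imei(raw):
    """Strip the spaces, dashes and slashes people add when copying an IMEI."""
    return re.sub(r"[\s\-/]", "", raw or "")


def luhn_ok(digits):
    """Luhn check: double every second digit from the right, sum, mod 10."""
    total = 0
    for pos, ch in enumerate(reversed(digits)):
        d = int(ch)
        if pos % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def audit_register(records):
    """Return {owner: [problems]} for records that would not support a theft report."""
    problems, seen = {}, {}
    for rec in records:
        issues = [f"missing {f}" for f in REQUIRED if not rec.get(f)]
        imei = normalize_imei(rec.get("imei"))
        if imei:
            if not re.fullmatch(r"\d{15}", imei):
                issues.append("IMEI is not 15 digits")
            elif not luhn_ok(imei):
                issues.append("IMEI check digit mismatch (likely transcription error)")
            elif imei in seen:
                issues.append(f"IMEI already registered to {seen[imei]}")
            else:
                seen[imei] = rec["owner"]
        if issues:
            problems[rec["owner"]] = issues
    return problems


# Constructed sample register (owners, numbers and models are made up).
SAMPLE = [
    {"owner": "alice", "phone_number": "555-0100", "make_model": "Example A1",
     "color": "black", "lock_code": "set", "imei": "49-015420-323751-8"},
    {"owner": "bob", "phone_number": "555-0101", "make_model": "Example B2",
     "color": "silver", "lock_code": "set", "imei": "490154203237519"},
    {"owner": "carol", "phone_number": "555-0102", "make_model": "Example C3",
     "color": "", "lock_code": "set", "imei": "4901542032375"},
    {"owner": "dave", "phone_number": "555-0103", "make_model": "Example A1",
     "color": "black", "lock_code": "set", "imei": "490154203237518"},
]

if __name__ == "__main__":
    for owner, issues in audit_register(SAMPLE).items():
        print(owner, "->", "; ".join(issues))
```
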
Mishing

• Mishing is a combination of mobile phone and phishing.
• Mishing attacks are attempted using mobile phone technology.
• If you use your mobile phone for purchasing goods/services and for banking, you could be more vulnerable to a mishing scam.
• A typical mishing attacker uses a call, termed vishing, or a message, known as smishing. Attackers pretend to be an employee of your bank and claim a need for personal details.

Vishing

• Vishing is the criminal practice of using social engineering over the telephone.
• The term is a combination of "voice" and "phishing".
• The most profitable uses of the information gained through vishing include:
– ID theft
– Online shopping
– Transferring money
– Monitoring bank account details

How Vishing Works

• The attacker often uses a war dialer to call the phone numbers of people in a specific region.
• When the victim answers the call, an automated recorded message is played to alert the victim that his/her credit card has had fraudulent activity and/or his/her account has had unusual activity. The message instructs the victim to call one phone number immediately. The same phone number is often displayed in the spoofed caller ID, under the name of the financial company.

How Vishing Works

• When the victim calls the provided number, he/she is given automated instructions to enter his/her credit card number or bank account details using the phone keypad.
• Once the victim enters these details, the criminal has the necessary information to make fraudulent use of the card to access the account.

Example Vishing

1. Thank you for calling (Local Bank name). Your business is important to us. To help you reach the correct representative and answer your query fully, please press the appropriate number on your handset after listening to the options:
– Press 1 if you need to check your banking details and current balance.
– Press 2 if you wish to transfer funds.
– Press 3 to unlock your online profile.
– Press 0 for any other query.

Cont.

2. Regardless of what the user enters, the automated system prompts him to authenticate himself: "The security of each customer is important to us. To proceed further, we require that you authenticate your ID before proceeding. Please type your bank account number, followed by the hash key."

Cont.

3. The victim enters his/her bank account details and hears the next prompt: "Thank you. Now please type your D.O.B."
4. The caller enters his/her date of birth and again receives a prompt from the automated system: "Thank you. Now please enter your PIN, followed by hash."
5. Now the customer hears the last prompt from the system: "Thank you. Now we will transfer you to the appropriate representative."

How to Protect from Vishing Attack

• Be suspicious of all unknown callers.
• Do not trust caller ID. It does not guarantee that the call is really coming from that number, that is, from the individual and/or company.
• Be aware and ask questions. If someone asks you for personal or financial information, tell them you will call back immediately to verify whether the company is legitimate.

Cont.

• Report vishing calls to the nearest cyber police cell with the number and name that appeared on the caller ID, as well as the time of day and the information talked about or heard in a recorded message.

Smishing

• Smishing is the criminal offense conducted by using social engineering techniques similar to phishing.
• The name is derived from SMS Phishing.

Example Smishing

• We are happy to send our confirmation toward your enrolment for our "xyx club membership". You will be charged Rs. 50 per day unless you reconfirm your acceptance of your membership on our "Membership office contact xxxxxxxxxx".
• XYZ bank is confirming that you have purchased LCD TV worth Rs. 85000 only from, website name. Visit www.abcd.com if you did not make this online purchase.

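
An added example (not part of the original slides): a triage rule for inbound SMS built from what the two sample messages above have in common, namely a lure (a money claim or pressure to act) paired with a response channel supplied by the message itself. The patterns, function name and the two benign messages are assumptions made for illustration.

```python
import re

# Indicators drawn from the two example messages above (the slide masks the
# callback number as x's, so the pattern accepts digits or 'x').
LURE = {
    "money_claim": re.compile(r"\b(?:rs\.?|inr)\s*\d[\d,]*", re.I),
    "pressure": re.compile(r"\b(?:unless you|if you did not|immediately)\b", re.I),
}
CHANNEL = {
    "url": re.compile(r"\b(?:https?://|www\.)[^\s\"']+", re.I),
    "callback_number": re.compile(r"\b(?:contact|call)\b[^.]*?([\dx]{10})\b", re.I),
}


def triage(message):
    """Flag a message that pairs a lure with its own response channel."""
    lures = sorted(name for name, rx in LURE.items() if rx.search(message))
    channels = {}
    for name, rx in CHANNEL.items():
        m = rx.search(message)
        if m:
            # Keep the embedded URL or number so it can be reported or blocked.
            value = m.group(1) if rx.groups else m.group(0)
            channels[name] = value.rstrip(".,")
    return {
        "suspicious": bool(lures) and bool(channels),
        "lures": lures,
        "channels": channels,
    }


SAMPLES = [
    # The two messages from the slide (quote marks normalized).
    "We are happy to send our confirmation toward your enrolment for our "
    "'xyx club membership'. You will be charged Rs. 50 per day unless you "
    "reconfirm your acceptance of your membership on our "
    "'Membership office contact xxxxxxxxxx'.",
    "XYZ bank is confirming that you have purchased LCD TV worth Rs. 85000 "
    "only from, website name. Visit www.abcd.com if you did not make this "
    "online purchase.",
    # Constructed benign messages for contrast.
    "Your parcel was delivered today at 14:05. No action is needed.",
    "Reminder: your appointment is on Friday. Call 5550100123 to reschedule.",
]

if __name__ == "__main__":
    for text in SAMPLES:
        print(triage(text), "<-", text[:40])
```

A flagged message is handled the way the vishing slides advise for calls: the embedded link or number is not used, and the bank or merchant is contacted through a channel the recipient already trusts.
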
Bluetooth

• Bluetooth is an open wireless technology used for communication over short distances.
• Short-range wireless communication uses 2.4 GHz.
• Bluetooth 1.0: 1 Mbps
• Bluetooth 2.0: 3 Mbps
• When Bluetooth is enabled on a device, it broadcasts its availability.
• IEEE 802.15 standard

Bluetooth Hacking Tools

• BlueScanner
• BlueSniff
• BlueBugger
• Bluesnarfer
• BlueDiving

Bluetooth Hacking Tools

• Bluetooth Scanner: This tool makes it possible to search for Bluetooth devices and extract information from the discovered device(s).
• Bluesniff: A GUI-based utility for finding Bluetooth-enabled devices.
• BlueBugger: This tool is used to exploit the vulnerability of the device and access images, phonebook, messages and other personal information from it.

Bluetooth Security Attacks

• Bluejacking: sending unsolicited messages over Bluetooth to Bluetooth-enabled devices.
• By creating a legitimate name in the address book, the bluejacker's message takes the place of the name. The prank essentially erases the "from" part of the equation, allowing a user to send any sort of comment he wishes without identifying himself.

BlueSnarfing

• Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection.
• By exploiting a vulnerability, an attacker can access information, such as the user's calendar, contact list, e-mail and text messages, without leaving any evidence of the attack.

BlueBugging (BT Attack)

• Bluebugging allows skilled individuals to access the mobile phone commands using Bluetooth wireless technology without notifying or alerting the phone's user.
• This vulnerability allows the hacker to initiate phone calls, send and read SMS, read and write phonebook contacts, eavesdrop on phone conversations, and connect to the Internet.

BlueBugging Scenarios

Bluebugged devices are vulnerable to one or more of the following scenarios:
• A device can be remotely controlled, which allows hackers to intercept or reroute communication.
• Hackers may send and read text messages.
• Hackers may place or monitor phone calls.
• Hackers may do all of the above without leaving a trace.

Car Whisperer (BT Attack)

• A hacking technique that attackers can use to hack a hands-free Bluetooth in-car system and connect it to a Linux system to inject audio into, or record audio from, a passing car.
• Car Whisperer can easily be used by attackers to invade privacy, listen to conversations inside a car and exploit them for illegitimate purposes.

Physical Security

• Cables and hardwired locks
• Laptop safes
• Motion sensors and alarms
• Warning labels and alarms

Physical Security

• Laptop safes: Safes made of polycarbonate, the same material that is used in bulletproof windows, can be used to carry and safeguard the laptop.
• Motion sensors and alarms: They can be used to track missing laptops in crowded areas; owing to their loud nature, they also help in deterring thieves. The owner of the laptop has a key ring device with a battery that keeps it powered on even when the system is shut down.

Physical Security

• Warning labels and stamps: Warning labels containing tracking information and identification details can be fixed onto the laptop to deter aspiring thieves. These labels have an identification number that is stored in a universal database for verification, which in turn makes the resale of stolen laptops a difficult process. Such labels are highly recommended for the laptops issued to top executives.

Security Issues due to Removable Media

• With the advancement of technology, devices continue to shrink and emerge in new shapes and sizes. They are therefore hard to detect and have become a prime challenge for organizational security. Their small size allows for easy concealment anywhere in a bag or on the body.

Mobile Device: Security Implications

• Managing diversity and proliferation of handheld devices
• Unconventional/stealth storage devices
• Threats through lost and stolen devices
• Protecting data on lost devices
• Educating the laptop users

Stealth Storage Devices

SysTools USB Blocker
• Allows blocking all the USB ports on any user machine.
• Machine username and password are required to block/unblock ports.
• Option to recover a lost user password using the email address.
• A new password must be set for blocking and unblocking USB ports.
• The user must re-login to the user machine to block USB ports on multiple machines.

• Netwrix USB Blocker

Startling Statistics of Lost Devices

• One laptop is stolen every 53 seconds.
• 70 million smartphones are lost each year, with only 7 percent recovered.
• 4.3 percent of company-issued smartphones are lost or stolen every year.
• 80 percent of the cost of a lost laptop is from data breach.
• 52 percent of devices are stolen from the office/workplace, and 24 percent from conferences.
Source: Kensington's infographic

Lost & Stolen Devices

• The data shows that the cost of the loss is far greater than the cost of the device itself.
• It puts a corporation at serious risk of sabotage, exploitation and damage to professional integrity.
• With the loss of a single laptop, including downtime, support, and management time, the average loss exceeds $49,000.

Protecting Data on Lost Devices

• Third-party tools to encrypt the data.
• Encrypting the entire file system.
• Self-destruct policy to destroy sensitive data on a lost device.

Educating Laptop Users

• Downloading of non-work-related software.
• The majority of employees download unwanted software on their machines.
• Companies have policies to manage internet access on laptops.

Organizational Measures for Handling Mobile Devices Related Issues

• Encrypting organizational databases
– Rijndael block encryption algorithm (Advanced Encryption Standard)
– Multi-dimensional space rotation (MDSR) algorithm
• Include mobile devices in security strategy
– Strong asset management
– Security audits
– Security awareness programmes

Security Issues due to Removable Media

• The organization has to have a policy in place to block the USB ports when issuing the asset to the employee.
• Disgruntled employees can connect a USB device, small digital camera or MP3 player to the USB port of any unattended computer and will be able to download confidential data or upload malicious software.
• Using Device lock software, one can control unauthorized access to plug-and-play devices.

Thanks
