Cyber Security Awareness

 


Mobile cybersecurity awareness: Nowadays of mobile computing is most important than mobile security or specifically mobile device security, a particular concern is a security of personal and business information now stored on smartphones. More and more users and businesses use a smartphone to communicate, but also to plan and organize their user's work and private life. within companies, these technologies are causing profound changes in the organization of information systems. therefore they have become the source of new dangerous risks. indeed smartphones collect and compile an increasing amount of sensitive private information to which access must be controlled to protect the privacy of the users or the intellectual property of any organization. all smartphones as computers are preferred targets of attacks. These attacks exploit weaknesses inherent in smartphones that can come from communication mediums like SMS, MMS, Wi-Fi, Bluetooth, GSM.

inspect multiple machines with malware that begins generally sending by email attachment or from a compromised application or world wide web. By doing this the main lead then give hackers remote control of Zombie device which can be instructed to perform a nefarious hacking act. Malicious applications upload malicious programs (which are called viruses) against third-party smartphone applications. This malicious program Stole personal sensitive information and send it back to the hackers. Although recently the hackers involve the communication channels to install an additional application, social media networks too. Black hat hackers who especially attack availability their goal is to develop virus and cause damage to the device.



A smartphone user is exposed to various threats. Mainly Prime targets for attackers are-

⇛data: Smartphones is a device for data management and may contain sensitive data like credit card numbers, authentication information, private information, activity logs, calendar, call logs, etc

⇛Identity:  smartphones are highly customizable, so the device or its contents can easily be associated with a specific person or place or something else.  every mobile device can transmit information related to the owner of the mobile phone contract and an Attacker may want to steal the identity of the owner of a smartphone to commit other offenses.

⇛Availability:   attacking a smartphone can limit access to it and separate the owner of its use, the owner can do nothing with his own smartphone. 

Others are targeted by the attacker.


1>Attack based on SMS and MMS: some mobile phone models have problems in managing binary SMS messages. it is possible by sending a week from the block, to cause the phone to restart which leads to denial of service attacks. If a user Received a text message containing a Chinese character, it would lead to a denial of service. a study on the safety of the SMS infrastructure revealed that SMS messages sent from the internet can be used to perform a distributed denial-of-service attack against the mobile telecommunication infrastructure of a big city. Another potential attack could begin with a phone that sends an MMS to other phones included an attachment. this attachment is infected with the virus, upon receipt of the MMS, the user can choose to open the attachment if it is opened the phone is infected and the virus starts operating and start to send MMS with an infected attachment to all the contacts in the phone address book.  there is a real-world example of this attack is if a user installs software received by MMS message, then the virus began to send messages to recipients taken from the installed phone address book.




2>Attacks based on the GSM network:  the attackers tried to break the encryption of the mobile network. the GSM network Encryption Algorithm belongs to the family of algorithms called A5. there were originally two variants of the algorithm A5/1 and A5/2. Where the former was designed to be relatively strong and the latter designed as weak on purpose to allow easy cryptanalysis And eavesdropping. since the Encryption Algorithm was made public, it was proved it was possible to break. Nowadays stronger public algorithms have been added to the GSM standard A5//3 and A5/4, even in case mobile phones are able to use 3G or 4G which have much stronger encryption than 2G GSM.this is the basic for eavesdropping attacks on mobile radio networking using a fake base station commonly called and IMSI catchers. meaning Tracking of mobile terminals is difficult since each time the mobile terminals are accessed or being accessed by the network and a new temporary identity(TMSI) is allocated to the mobile terminals. the TMSI is used as the identity of the mobile terminal the next time it accesses the network. the TMSI is sent to the mobile terminal in an encrypted message. Once the Encryption Algorithm of GSM is broken the attacker can intercept all unencrypted communicational made by the user's smartphone.




3>Attacks based on Wi-Fi: An attacker can try to spy on Wi-Fi Communications to theft your privacy such as password, username, bank account details. This type of attack is not unique to smartphones but they are very vulnerable to those, attacks because very often the Wi-Fi is the only means of communication they have to access the internet. The security of the wireless networks is important but initially wireless networks are secured by WEP keys, the weakness of WEP is a short encryption key which is the same for all connected clients. now, most wireless networks are protected by the WPA, a security protocol. WPA is based on temporal key integrity protocol which was designed converted from WEP to WPA on the equipment already developed. the major improvements in security dynamic encryption keys. Encryption can be vulnerable if the length of the shared key is short. Nowadays the successor to WPA, which is called WPA2 is proposed to be safe and secure. Many smartphones for wireless LANs remember stations which they are already connected and this mechanism prevents the user from having to re-identify, with each connection using the fact that some smartphones remember the network they could confuse that two networks and connect to the network of the attacker, who can intercept data if it does not transmit its data in encrypted form.





4> Bluetooth-based attack: A scientific research team has been studied Security issues related to Bluetooth on mobile devices and found numerous problems on different smartphones which are easy to take advantage of as a vulnerability. unregistered services do not require authentication and all vulnerable application have a virtual serial port used to organize control of the smartphone and the hacker only needed to connect to the port to take full control of the device. when a phone Bluetooth is on and When Bluetooth is in Discovery mode, the hacker sends a file via Bluetooth, if the recipient user accepts, a virus is transmitted. Such Cabir is a worm that is spread by a Bluetooth connection. the worm search for nearby phones with Bluetooth in discoverable mode and sands itself to the targeted user device. When the user accepts the incoming file and installs the program or opens it, after installing or viewing the file, the worm infected the user’s device.





5>Web browser: The mobile web browser acts as an emerging attack vector for mobile devices. just as common computer web browsers mobile web browsers are extended from pure web navigation with huge widgets and plugins. Otherwise, all are completely native mobile browsers. as a result of the explosion of availability. Described. the smartphone is also the victim of classic piracy related to the Malicious website, software that runs in the background.





6>Electromagnetic waveforms:  researchers at the French government agency (ANSSI) in 2015 demonstrated the capability to Trigger the voice interface of certain smartphones remotely by using a specific electromagnetic waveform. The imbibe took advantage of the antenna properties of headphones while plugged into the audio output jack of the vulnerable Smartphones. effectively outwitted audio input to inject commands via the user's phone audio interface.


 

7>Juce jacking: juice jacking is a physical hardware vulnerability specific to mobile platforms. utilizing the dual purpose of the USB charger port many devices have been susceptible to having data exfiltrated from or malware installed into a mobile device by utilizing malicious charging kiosks set up in public places such as busy Railway Station, PlayGround where people looked for Little recharge for their Phone which battery is running out or hidden in normal charger adaptors 


Juice jacking...click4details

A smartphone user is exposed to various threats when they use their phone, these threats can disrupt the operation of the Smartphone and transmit it or modify user data. Since some apps could themselves be malware, their functionality and activities should be Limited. for example restricting the apps from accessing location information via GPS, blocking access to the user's address book, preventing the transmission of data on the network, sending SMS messages that are bold to the user, etc. After going through you will and identify the major threat posed by mobile apps, multi Factor authentication, the risk associated with generating metadata, location-based social networking, Geolocator tracking, mobile wireless Hotspot, invasive mobile charger, and Safely deposit of digital device.

Click for more Details

Comments

Post a Comment

Popular posts from this blog

why phone battery draining so fast

Image
Maximizing your mobile battery life is a simple matter of minimizing your power uses. As your Android smartphone has a lot of components that closely touch on power use. simply optimizing your device on a daily basis on fully automatic connectivity toggles. there are many ways and boost battery life and take better care of your rechargeable battery.  thought with their mixture of information and common sense that doesn't make sense that any of the things people know about battery life are wrong. with several years of battery check if you don't realize about battery and all the way down on Nickel-cadmium battery, if you don't fully charge the battery and keep letting it all the way on first use you might end up with restricted capacity. this is no longer the case with Lithium-ion batteries, nowadays most phones and laptops will come with a battery that is partially charged and you will do no harm if you start using the device right away after purchasing. Charging before empt
Read more

9 ways to boost your phone battery

Image
  Boost Your Phone battery life: General Innayolam when your laptop and smartphone battery decrease gradually before expected. There are many ways and boost battery life and take better care of your rechargeable battery.  thought with their mixture of information and common sense that doesn't make sense that any of the things people know about battery life are wrong. with several years of battery check if you don't realize about battery and all the way down on Nickel-cadmium battery, if you don't fully charge the battery and keep letting it all the way on first use you might end up with restricted capacity. this is no longer the case with Lithium-ion batteries, nowadays most phones and laptops will come with the battery what and you will do no harm if you start using the device right away after purchasing. charging before empty harms the battery life, the opposite is true with Lithium-ion batteries. University.com explains reports on battery- it is not better because of hi
Read more

How to create a guest WIFi network

Image
create a guest WIFi network Creating a guest Wi-Fi network: Creating a guest Wi-Fi network is as simple as changing your profile picture on Facebook. Logging in and setting on administrator most routers manufacturer allow you to add additional networks simply. Nowadays Modern routers have the option to customize guest Wi-Fi access like setting the number of guests who can access the network at a time, the time when they can be connected, network broadcasting for automatic connection, etc. Modify your router setting to add a guest network easily by following the step given below. After reading you can prepare your wifi network for your guest easily. The maximum company manufactured routers support guest networking features. This creates a separate wifi network for your guest when they visit your place. By using guest network they can easily access the web/internet but can’t access the peripheral device like a printer or any other shared folder. So this makes sure your resource safety.
Read more