Feeds

BlackBerry hacking peril exposed

Blackjacking circumvents corporate defences

Secure remote control for conventional and virtual desktops

A hacking program, due to be released next week, will demonstrate how to use a connection from BlackBerry devices to potentially bypass enterprise security defences.

Jesse D'Aguanno, director of security research at German firm Praetorian Global, gave a presentation on how to use the BlackBerry environment to circumvent perimeter defenses and directly attack hosts on a corporate intranet at last week's DefCon conference in Vegas. The demo included a live presentation. Next week D'Aguanno plans to release source code for BBProxy, the tool used to conduct the attack, which he describes as "Blackjacking".

BBProxy can be installed on a BlackBerry or sent in an email attachments to potential targets. The code can be hidden in something apparently innocuous such as a naughts and crosses game, D'Aguanno suggests. Once activated, BBProxy opens a covert channel between hackers and compromised hosts on improperly secured corporate networks. The communications channel between the BlackBerry server and handheld device is encrypted and cannot be properly inspected by typical security products.

D'Aguanno said that he's publishing information about the attack, along with details on possible defences, in order to highlight the dangers of treating BlackBerry environments as more secure than external connections from corporate laptops. Other security experts, along with Research In Motion, the supplier of BlackBerry devices and associated enterprise server products, stress the need to establish properly segmented networks to defend against such attacks.

Paul Henry, vice president at net security firm Secure Computing, commented: "Servers connecting to the public internet have an inherent risk. Isolating these Internet facing servers reduces the risk of a compromised server providing access to other critical servers. Hence due diligence would require that any internet facing server like a BlackBerry server should be isolated [behind a firewall] on its own DMZ segment.

"Only those connections necessary to facilitate the operation of the BlackBerry server should be permitted. The BlackBerry server should not be permitted to open arbitrary connections to the internal network or internet. The mail server that is working with the BlackBerry server... should also be isolated on it’s own separate DMZ," he added.

RIM is playing down the risk of the attack demonstrated by D'Aguanno by saying that network administrators can deny users the ability to run third-party applications, such as games sent by email, the main vector for attack suggested by D'Aguanno. The firm has published guidelines on how to defend BlackBerry environments against compromise on the security segment of its BlackBerry website here. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
No, thank you. I will not code for the Caliphate
Some assignments, even the Bongster decline must
Kaspersky backpedals on 'done nothing wrong, nothing to fear' blather
Founder (and internet passport fan) now says privacy is precious
TROLL SLAYER Google grabs $1.3 MEEELLION in patent counter-suit
Chocolate Factory hits back at firm for suing customers
Mozilla's 'Tiles' ads debut in new Firefox nightlies
You can try turning them off and on again
Sit tight, fanbois. Apple's '$400' wearable release slips into early 2015
Sources: time to put in plenty of clock-watching for' iWatch
Facebook to let stalkers unearth buried posts with mobe search
Prepare to HAUNT your pal's back catalogue
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.