NEW-AGE MOBILE NETWORKS: THREATS AND …...FlexiSpy, Mobile Spy, MobiStealth… *Information obtained from analysis of Junos Pulse Mobile Security Suite virus definition database dated

NEW-AGE MOBILE NETWORKS: THREATS AND SOLUTIONS

Nitin VigSenior Systems EngineerJuniper Networks

AGENDA

Mobility Trends1111

Attacks and their impact2222

2 Copyright © 2010 Juniper Networks, Inc. www.juniper.net

Thwarting the attacks3333

Summary4444

SECURITY IS IMPACTED BY TWO TRENDS

Industry Trends

Workforce Behavior IT Infrastructure Business Drivers

Compliance Requirements

Business


Security Trends

Attacker Behavior New Attack TargetsEvolving Threat Vectors

INDUSTRY TRENDS

Business DriversWorkforce Behavior IT Infrastructure

Branch

Data

Cente

r * Clo

ud


Campus

Mobile Clients

Data

Cente

r * Clo

ud

SECURITY TRENDS

Attacker

Notoriety Profitability .gov /.com .me / .you

So

ph

istica

tio

n

(Ma

turi

ty)

Type of Attack

Botnets

APT


Threats

Target

So

ph

istica

tio

n

(Ma

turi

ty)

Botnets

Trojans

VirusWorms

DOSDOSDOS

MalwareMalwareMalware

New Devices

ERP

Internet Information Services

New Applications


ATTACKS AND THEIR IMPACT

THE THREAT OF MOBILE MALWARE IS NOW REAL!

Mobile device threats reach

Threats to mobile devices

are now a reality!


…to include malware,

loss/theft, data comm

interception, exploitation

and misconduct, and direct

attacks.

Mobile device threats reach

FAR beyond simple viruses

and SMS exploits…

EVOLUTION OF MOBILE MALWARE

Criminals now using PC-style malware attacks to infect

mobile devices

Mobile Apps in App Stores

Greatest mobile malware risk comes from rapid proliferation of

applications in app stores


mobile devices applications in app stores

FlexiSpy, Mobile Spy, MobiStealth…

*Information obtained from analysis of Junos Pulse Mobile Security Suite virus definition database dated 10/15/2010

Mobile spyware is prevalent and now commercialized

THE MOBILE MALWARE EXPLOSION

While mobile malware grew

quickly between 2009 and 2010…


…malware samples for Google

Android grew even faster!

MOBILE MALWARE EXAMPLES

Trojans that send SMS messages to premium rate numbers

Background calling apps that rack up exorbitant long distance bills

SMS

₤ € $ ¥

$

¥€

₤ ₤€ $

¥₤

€$¥₤

$


“Credit Card:1-2-3-4-5…”

“Credit Card:1-2-3-4-5…”

Keylogging applications that compromise

passwords and credit card or bank account numbers

Self-propagating code that infects devices and spreads to additional devices listed in

a user’s address book

…

Malware growing more sophisticated, now with

polymorphic attacks

MOBILE MALWARE EXAMPLES AND TARGETS

'Most Sophisticated' Android Trojan Surfaces in China –December 30, 2010

� Geinimi, highly sophisticated botnet-like Trojan, detected in Android devices in China

� Sends location information, device identity, even stored contacts to unknown server

� Found in apps, mostly games, infected and repackaged to resemble legitimate apps, then uploaded onto Chinese third-party app stores


2011 Cyberattack Targets: iPhone, Facebook, Foursquare –December 29, 2010

'Phishing' Scams Cast Net on Mobile Banking – January 30, 2010

� Developer published an app supposedly for accessing online bank accounts

� After installation, users were presented with their bank’s URL and were prompted for login credentials

� After login credentials were submitted, they were then sent to an unknown location, presumably for fraudulent activities

ATTACKS: IMPACT ON THE NETWORK

OSS / BSSApplications & Services Signalling links

Mobile Core / InfrastructureDC

1

2

4

57

6

3

3 3 3

3

3


AccessClients

Internet

Peering Network

1. RNC Connections (RAN)

2. Airtime (RAN)

4. Data Records

5. DNS Queries

7. Subscriber Billing Complaints

6. Battery Drain Issues3. Bandwidth

3

BUSINESS IMPACT OF NETWORK OUTAGE

Tier-1 European SP suffered a massive network outage (HLRs)

40 million customers unable to make calls or send texts for 4 hours.

Approximately $100 million in lost revenues to Operator


Approximately $100 million in lost revenues to Operator

After a similar network outage back in 2004 at Bouygues Telecom in France, the operator sued its HLR supplier, Tekelec, for $81 million in damages

http://www.unstrung.com/document.asp?doc_id=175678&piddl_msgid=180879


THWARTING THE ATTACKS

STATIC SECURITY IS NOT ENOUGH ANYMORE

Growing importance of real-time, dynamic security decisions and security policies enforcements

“If you can detect an attack in the first hour, you have a 90% chance of preventing a data breach,” said Jonathan Nguyen-Duy, director of Verizon product management.


Duy, director of Verizon product management.

“By detecting an attack before that packet ever reaches a clients’ perimeter, we can block it, route it or quarantine it”

http://telephonyonline.com/business_services/news/verizon-managed-security-0805/?smte=wl

THE FUTURE OF SECURITY

MobilityMobility ConsolidationConsolidation


VisibilityVisibility

Global HighGlobal High--Performance NetworkPerformance Network

CONSOLIDATION

Branch

NAT

Firewall

IPS

IDS

UTM

VPN

NAT

Anti-malware

Consolidation of security services (everywhere)


Da

ta C

en

ter

Data/App Consolidation

Campus

Mobile Clients

NAT

Firewall

Anti-malware

IDS

IPS

VPN

LAN Acceleration

Anti-virus

Remote Access

Remote Lock/wipe

Backup & Restore

IPS

Firewall

IDS

VPN

UAC

Firewall

VISIBILITY



Comprehensive Application Visibility and Control

Source to Source to Source to

What UserWhat User

What ApplicationWhat ApplicationBranch


Source to DestinationSource to

DestinationSource to

Destination

Da

ta C

en

ter

What ApplicationWhat Application

User DeviceUser Device

User LocationUser Location

Campus

Mobile Clients

MOBILITY

Notebook



Comprehensive Application Visibility and Control

Secure Mobility


Netbook

Smartphone

Tablet

Campus

Branch

SGSN GGSN

MOBILE PACKET CORE

RAN

OSS• SOC• NOC

IMS• IP PBX• MMS• WAP

VAS•Music•IPTV•Maps

CSS•CGW•AAA•DNS

OSS IMS VAS CSS

SSL VPNSSL VPN

OSS IMS VAS CSS

Gi IPSGn IPS Gi FWGn FW

SECURING THE MOBILE INFRASTRUCTURE

Secure the Applications

SSL VPN


Roaming Exchange

Other PLMNOther PLMN

Secure the Devices

Secure the Network

Gp IPS

Gp FW

Manage at Scale


SUMMARY

COMPREHENSIVE SECURITY STRATEGY

Mobile Device Security Application Security

• AppSecure Strategy• User mapping to

Datacenter Security

Secure Mobile Infrastructure

• Scale throughput &

NetworkDevice Application


• Security • Secure Connectivity • Acceleration

• User mapping to application • Virtual security

• Bridge the physical and virtual• Datacenter scale

• Scale throughput & Sessions• Signaling and control plane security• Security for new applications

Expanded Go To Market

Documents

NEW-AGE MOBILE NETWORKS: THREATS AND …...FlexiSpy, Mobile Spy, MobiStealth… *Information obtained from analysis of Junos Pulse Mobile Security Suite virus definition database dated