The Mobile Industry’s Growing DoS Risk
By: Eric Everson, Founder MyMobiSafe
In the not so distant past, major labels such as Yahoo and Amazon have become targets of malicious Denial of Service (DoS) campaigns. DoS campaigns are designed to hit servers so hard with false traffic that the real traffic is denied service. Have wireless service providers created a vulnerability that puts them at greater risk for such attacks?
As a mobile security expert and founder of MyMobiSafe.com, the unwillingness of most wireless service providers to adopt handset level security solutions perplexes me. Perhaps it is that by partnering with mobile security providers they believe they are admitting to a veil of ignorance that they have been skirting for years. The problem however is that as handsets and technologies are becoming increasingly developed all the while hackers are ripping that artificial veil of ignorance off of the providers.
One may wonder why wireless providers are at greater risk today than they were before? To this I have a three letter response “GAN”. Generic Access Network (GAN) also known as Unlicensed Mobile Access (UMA) permits the seamless transition between diverse networks. With GAN/UMA when a handset detects a new network, it establishes a secure IP connection through a gateway to a server which creates an alternate base id and allows for differentiated connection protocols to work in tandem. With GMA/UMA becoming more widely
deployed, service providers are allowing subscribers to have direct access to mobile core networks over via IP. This makes it easier to spoof identities and use illegal accounts to launch
a variety of attacks such as… you guessed it, DoS attacks!
If top Internet companies like Yahoo are susceptible despite all of their advanced computer and server-based security measures, it’s easy to see how the top mobile service providers are carrying a much greater risk (especially considering the lack of attention to security the handset level). I look for wireless providers to begin warming up to third-party mobile security providers as the speed of technology is showing no signs of a slow down.
Your mobile security guru,
Eric Everson, Mobile Security Expert
Founder of MyMobiSafe.com