Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Compromised phones could launch DDoS attacks crippling emergency services

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

September 13, 2016

A security research team has demonstrated how thousands of malware-infected Android smartphones could launch hundreds of automated distributed denial of service (DDoS) attacks that could cripple critical emergency services in the United States and elsewhere for days.

The attacks exploit the need for emergency call services to accept all calls regardless of origin. What further complicates this is that it's a new area that researchers have not experienced yet.

The theoretical attack uses some malware to mask a phone's International Mobile Subscriber Identity (IMSI) showing only the International Mobile Station Equipment Identity (IMSEI) numbers which cloaks the origin of most attacks and frustrates identification and/or blacklisting efforts in the U.S. and abroad.

Ben-Gurion University researchers Mordechai Guri, Yisroel Mirsky, and Yuval Elovici assert that the malware could place several calls without even alerting phone users.

They say in a whitepaper dubbed: '911 DDoS: Threat, Analysis and Mitigation' that about 6,000 infected Android smartphones in a local area would jam a 911 emergency call system.

The current United States FCC regulations require that all emergency calls be immediately routed regardless of the caller’s identifiers," the researchers assert.

"A malware rootkit placed within the baseband firmware of a mobile phone can mask and randomise all cellular identifiers, causing the mobile device to have no genuine identification within the cellular network. None at all.

"Such anonymised phones can issue repeated emergency calls that cannot be blocked by the network or the emergency call centers, technically or legally, and that's a big issue," the research team said.

About 51.4 percent of all mobile phone emergency callers would give up when an army of 6,000 infected phones were jamming 911 public safety answering points (PSAPs). This rises to 90 percent with 50,000 compromised handsets blasting the 911 emergency system.

A fleet of about 200,000 infected handsets could jeopardize emergency services across the entire United States and potentially other countries with similar (read: 911) emergency call centers.

The team used a discrete event simulator (DES) and a handful of Samsung phones to test their work, noting that malware residing in a phone's baseband would push phones into a "no SIM" state, exposing only the IMEI number which is extremely difficult to track.

The research team suggests the attacks can be prevented by storing IMSI numbers in a phone's trusted memory region, such as Android Pay, preventing any alteration or modification.

"We strongly believe that the contributions of this whitepaper will assist the respective organizations, lawmakers, and security professionals in understanding the scope of this problem and aid in the overall prevention of potential future attacks on the 911 emergency services," the authors asserted.

Source: Ben-Gurion University.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer