So far, when one mentioned mobile security, it meant two possible security attack vectors. They were either attacks at the network perimeter - such as high-volume Denial of Service (DoS) attacks at the network level - or attacks at the critical-infrastructure level (RADIUS, Diameter, LDAP servers, etc.) - which means targeted DNS or HTTP traffic attacks. Well, the mobile security landscape is now changing, introducing a new attack vector – mobile clients!
With the recent advancements of both 3G mobile networks and smart-phones (read: iPhone/Android devices), any mobile user has mobile broadband connectivity and enjoys an open OS with many downloadable applications, which can also be mobile attack tools. The combination of these presents a new reality; a reality in which virtually any mobile user can become a potential attacker! The result – as you can guess by now – is that mobile operators are getting increasingly concerned.
Probably the most interesting fact to point out is that this new breed of mobile attacks is omni-directional, i.e. mobile to network, network to mobile (often initially triggered by a mobile attacker) as well as mobile to mobile (M2M). M2M attacks are the trickiest, as the mobile attacker will exploit the mobile core network resources and use its services (SMS, MMS, sending data, etc.) to attack other clients on its network. The impact of a hand-held mobile device as a source or destination for attacks may vary from merely annoying battery-draining attacks to network paging overflow attacks that result in network disruption. But it can also include a complete mobile network breakdown. This could definitely make one quite nervous, huh?
From the mobile operator angle, it is essential to deploy the full means of protection against such multi-vector attacks, by utilizing a security attack mitigation solution that will defend not only the mobile network, but also its clients, at the perimeter, critical-infrastructure and mobile-device layers. Specifically, it is crucial to detect on-the-fly "misbehaving users" that can potentially become concrete attackers.
So next time your iPhone battery starts to drain too quickly, unless you downloaded some battery-intensive application (which is a totally different problem...) – your mobile device might just be under attack!
Until next time,
Nir