Attacks on Mobile and Embedded Systems: Current Trends
Included in this White Paper:
• Introduction
• A Brief History of Hacking
• Hacking’s Dangerous Third Wave
• Conclusion
• References and Further Reading
Revised April 30, 2009
Mocana Corporation
350 Sansome Street
Suite 1010
San Francisco, CA 94104
415-617-0055 Phone
866-213-1273 Toll Free
info@mocana.com
www.mocana.com
Copyright © 2009
Mocana Corp.
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html 1
Introduction
In today’s world of ubiquitous computing, cyberattacks are becoming more
virulent, costlier, and larger in scope than ever before. Unlike previous
incarnations of hacking, current attacks on computer systems are professionally
coordinated, multifaceted, and motivated by the promise of profits on a massive
scale.
With millions of new electronic devices connecting to the internet every day,
hackers are increasingly focused on a new type of target: mobile and embedded
systems. Such systems include point-of-sale terminals, wireless routers, smart
phones, networked office machines such as printers, and even the utility
infrastructure.
In March 2008, European authorities uncovered a credit card data siphoning
operation using point-of-sale terminals manufactured in China. The scam involved
conspirators in several countries, including workers at the Chinese factory.
Before the point-of-sale readers were sent to Europe, they were hacked with
a tiny, extra chip behind the motherboard. Once the machines were installed,
their specially programmed chips siphoned off customers’ credit card data—at
unpredictable and nearly undetectable intervals—and relayed it from Europe to
Pakistan. The thieves made off with at least $50 million before the scheme was
discovered [H4].
Cutting-edge hackers are acutely aware that many of the security procedures
and applications in use today have been designed for PC workstations, and are
thus unable to thwart attacks on mobile and embedded systems. Smartphones,
for example, remain notoriously insecure, yet they are gaining popularity as
platforms for exchanging confidential data and conducting financial transactions.
Billions of dollars are at risk as people do more and more of their everyday
banking and shopping on mobile and wireless devices. Even heart pacemakers
have joined the networked world and are now vulnerable to hacking.
Perhaps most ominous of the new hacking trends is the upsurge in cyberattacks
against our utility infrastructure. If hackers continue to attack the so-called “smart
grid,” which connects sensors and control systems with sophisticated computers
and networks, they could bring our nation’s commerce to a standstill, endanger
lives, and put our national security at risk.
“….last year [2008] now appears to have been a turning point in the professionalism of cyber crime. The software development skills and data mining capabilities of organized crime are believed to be second to none. They (whoever that is) are stealing vast amounts of our data, though no-one really understands the logic in their targets.”
David Lacey, Computer Weekly, March 4, 2009 (http://www.computerweekly.com/blogs/david_lacey/2009/03/apocalypse_soon.html)
In this dangerous new interconnected world, we need to take a serious look
at what types of hacking strategies are being employed today, and implement
security solutions that are designed specifically for mobile and embedded
devices. This paper attempts to highlight some of the latest attacks against
embedded systems, including mobile phones, medical devices, and the nation’s
electric infrastructure.
A Brief History of Hacking
Years ago, hacking was an amateur, underground activity, commonly associated
with thrill-seeking pranksters whose main intent was showing off their
computing prowess or expressing their anti-authoritarian sentiments. To be a
hacker was to have “street cred”—at least among the technologically savvy.
Although hackers’ activity was often illegal, it was rarely malicious, and they
usually didn’t fit the profile of career criminals.
Figure 1. Hacking timeline
[Timeline from 1970 to 2009, divided into a first wave, second wave and third wave. Events shown: phone phreaking; the 1977 Federal Computer Systems Protection Act, defining computer crimes and recommended penalties, fails to pass; TCP/IP (Internet Protocol), amateur hackers and BBSes; hacking group “414s” break into Los Alamos National Laboratory computers; U.S. House of Representatives begins hearings on computer security hacking; Morris worm and CERT established; first RSA Conference held; first DEFCON hacking conference held, becoming an annual event; Kevin Mitnick and an increase in attacks on commercial enterprises; U.S. GAO reports that in 1995 hackers tried to break into Defense Department files 250,000 times, with about 65% of tries successful; in 2000 the ILOVEYOU worm infects millions within hours; Dmitry Sklyarov becomes the first person charged with violating the Digital Millennium Copyright Act (DMCA) at DEFCON; Paris Hilton’s T-Mobile USA Sidekick hacked; increase in attacks on mobile devices, embedded systems and the “internet of things”.]
Some of the early hackers of the 1970s focused on the telephone system.
Calling themselves [phone] “phreaks,” or “phreakers,” they helped themselves to
free long distance by simulating the sounds of phone signals. In the 1980s, when
personal computers became widely available, phone phreaks and other hackers
began using modems to connect to Bulletin Board Systems (BBSes), where they
exchanged messages about how to break into computers, steal passwords, and
wreak other kinds of electronic havoc. By 1986, hackers had threatened enough
government and corporate computer systems to prompt the U.S. Government
to make hacking a crime. In 1988, foreshadowing the types of attacks that lay
ahead, ARPANET, the U.S. government’s precursor to the internet, was brought
to a standstill by a hacker’s experimental, self-replicating “worm” program that
spread to 6000 of the network’s computers.
Around the dawn of the commercial internet in the 1990s, a second wave of
hacking, which took on a more overtly criminal sensibility, began to emerge. One
of the most famous of these second-wave attacks was traced to the notorious
serial hacker, Kevin Mitnick, who was eventually arrested for stealing 20,000
credit card numbers.
Also in the 1990s, a group of hackers broke into Citibank’s computers and
siphoned off $10 million to their overseas bank accounts [H5].
Since the early 1990s, hackers have developed a rapidly mutating and
increasingly clever repertoire of attack strategies: embedding rogue programs
in legitimate applications, installing keystroke recorders on unwitting users’
computers, spoofing legitimate websites to “phish” for personal data, hijacking
database information through SQL injection attacks, and even enlisting massive
armies of zombie computers (“botnets”) to spew out phishing emails and spam.
Today, all classes of cybercrooks, from small-time con artists out to make a quick
buck to international crime syndicates, are logging into the global cybercrime
marketplace to buy and sell malware kits, stolen credit card numbers, “how-to-
hack” manuals, and criminalized software development services, in a shadow
economy worth over $750 million in 2007 [H2].
Hacking’s Dangerous Third Wave
Now, with the advent of what some technologists call the “internet of
things” (see Figure 3), we are encountering a third wave of hacking—one that
encompasses not only wired computers and networks, but intelligent devices:
wireless phones, routers and switches, printers, SCADA (Supervisory Control
And Data Acquisition) systems, and even medical devices. This new hacking
wave is poised to bypass the amateur “street-cred” phase and move directly to
well-honed, massively coordinated, sophisticated attacks. It is now becoming
clear that hacking’s third wave will almost certainly include terrorist cyberstrikes
against the utility and industrial infrastructure (the “smart grid”)—a danger we
can no longer dismiss as a spy movie scenario.
Figure 2. Kevin Mitnick after his release from Lompoc
[Diagram labels, arranged around a daily cycle of Home / Bed, Commute, Workplace, Commute, Home / Bed:]
• Electric Toothbrush: Automatically reorders brush heads, shares brushing habits with your dentist
• Automobile: Maps traffic in real time; others can track your location
• Computer: Centralized control for remote interface to any other device
• Media Player: Remotely orders new songs & video
• Microwave: Automatically sets cook cycle with RFID recognition
• Printer: Automatically reorders toner and paper as needed
• VoIP phone: Automatic updates, integration and forwarding
• Refrigerator: Uses RFID tags to reorder groceries as needed, and suggests recipes
• Alarm Clock: Remote programs, custom tones, turns on coffee maker
• Coffee Maker: Custom setting for each coffee type, starts when alarm goes off
• Oven: Oven settings from computer or phone if running late
• HVAC: Controls temperature & lights for maximum efficiency
• Television: Immediate “one-click” ordering of products seen on commercials
• Exercise Equipment: Recognizes individual user and tracks workout schedule
• Vending: Automatically reorders supplies before it’s empty
• Cell Phone: Securely performs identification & verification for payments
• Smart Scale: Measures and sends weight info for progress tracking
• Building Security: Security cameras interact with facial recognition database
Figure 3. The Internet of Things
This paper discusses several of these new attack trends:
• Growing attacks on soft infrastructure targets
• Long-predicted threats to cellular network & smartphones manifesting themselves
• The rush to network medical devices outpaces security
• Ubiquity of easily-hacked RFID technology threatening privacy, driving the growth of sophisticated identity thefts
• Everyday home and office devices—hackers’ gateway to your network
Trend #1: Growing Attacks on Soft
Infrastructure Targets
Since security for personal computers is getting stronger, hackers are
increasingly looking for “softer” targets. In their sights are the millions of
industrial control and coordination, or SCADA, devices, which can be programmed
like computers and have finally become numerous and networked enough to
make it profitable for hackers to attack them. By targeting a city’s infrastructure,
hackers can gain political notoriety, intimidate the public, and extort large
amounts of money from businesses or governments. At a conference in
January 2008, a senior CIA analyst shocked his audience by revealing that
cyberextortionists in another country had “caused a power outage affecting
multiple cities” [S1].
SCADA devices are key players in the “Smart Grid,” the network of sensors and
computerized systems that make up the utility infrastructure of our society. They
monitor and control power generators, refineries, water treatment facilities,
oil pipelines, and electrical power systems. They also comprise an essential
component of our industrial, technology, and communications infrastructure,
controlling building security, manufacturing plants, airport traffic, and military
vessels. As more and more SCADA devices come online, our nation’s
health, economy, and security become more vulnerable to hacking attacks [S10].
Figure 4. Typical SCADA system.
[Diagram labels: a refining company and a pipeline company, each with a business network and a control center in firewalled security zones, and the Internet; refinery control and refinery assets (coking unit, cracking unit, storage tanks); pipeline control and pipeline assets (pipes, field sensors, storage tanks).]
Existing SCADA devices are often decades old and operate with legacy computer
hardware. They tend to be configured with off-the-shelf networking software and
have weak internal security protections. Although guarded by a hard shell on the
outside, with locks, gates, and security personnel, industrial facilities may still
contain a soft center—their computerized control systems—an easily penetrable
core which is now exposed to the outside world through the internet.
Figure 5. Typical control system architecture (Berkeley Research)
[Diagram labels: Corporation Workplace; Planning/Scheduling; Corporate Network; Supervisory Control; Operator Workstation; Control Network; Regulatory Control; RTU/PLC; Field Area Network; Physical Infrastructure; Sensor; Actuator.]
In the past, the majority of SCADA attacks were perpetrated by insiders who
had access to the controls: disgruntled ex-employees or saboteurs. Now,
experts are seeing more and more attacks originating from external sources,
even from residents of foreign countries. In 2004, a British Columbia Institute
of Technology (BCIT) analysis of 24 control system security incidents instigated
by outsiders showed that 36 percent came in through the Internet. Eric Byres,
a BCIT research faculty member, noted that “an awful lot are coming in through
other ways, including dial-up modems, VPN (virtual private network) connections,
remote wireless systems and trusted third party connections” [S2]. One recent
report notes the potential involvement of smart phones in SCADA attacks,
especially as “ubiquitous computing” becomes the norm. An outsider with a
cell phone could manage to access SCADA devices via the phone’s internet
connection [S6].
One of the problems with assessing the prevalence of SCADA attacks is that
they are rarely reported in any detail, for fear of encouraging further attacks and
compromising national security. Companies and governments understandably do
not want any information about SCADA breaches to fall into the wrong hands, so
they fail to share information freely. According to Alan Paller, Director of Research
for the SANS Institute, “… A careful statistical analysis of validated control
system incidents at 22 major corporations indicates that … the incidents are
far more widespread than commonly believed, the targets more wide ranging
and the attackers are not who we think they are. Even more ominous, the data
shows that getting into most control systems is surprisingly easy” [S11]. For
example, in March of 2008, a nuclear power plant was accidentally shut down
because a computer used to monitor chemical and diagnostic data rebooted after
a software update. In another incident in 2008, a teenager in Poland rigged a TV
remote control to control the switch tracks of trams. There were four derailments
and twelve resultant injuries [S4].
Most frighteningly, attacks against SCADA devices are being carried out by
enemy nations as part of a greater “cyberwarfare” strategy to sabotage the
U.S. economy and infrastructure. In the U.K., government agencies report that
attacks against infrastructure targets have increased dramatically. In June 2008,
the UK’s National Infrastructure Security Co-Ordination Centre issued a public
advisory about a series of targeted attacks against the UK central government
and commercial organizations “for the purpose of gathering and transmitting
otherwise privileged information” [H8].
Trend #2: Long-Predicted Threats
to Cellular Network & Smartphones
Manifesting Themselves
Researchers are predicting that 2009 will be a significant year for mobile attacks
[H10]. With the rise of unlimited data plans, open networks, readily downloadable
applications, and the lack of strong security, hackers, spammers, and phishers
are now beginning to recognize the profit potential of mobile phones [M4].
Adding to the allure of mobile hacking for cybercriminals are the fraud
opportunities presented by the burgeoning mobile financial services market.
The number of active users of mobile banking and related financial services
worldwide is expected to rise from 20 million in 2008 to 913 million in 2014 [M4].
The latest mobile phones are also the most vulnerable to attack. Smartphones,
such as the Apple iPhone and the Google Android phone, now come with
“real” browsers with JavaScript engines, exposing them to traditional browser
attacks, such as Cross-Site Scripting (XSS), Clickjacking, phishing, and other
malicious techniques. These phones are also vulnerable to “man-in-the-middle”
attacks, in which a hacker could come between the phone and a web server and
offer malware in the guise of a legitimate update to one of the user’s trusted
applications. Other vectors for smartphone attacks include email, attachments,
web pages, MMS, Facebook, WiFi, and Bluetooth [M3].
As the iPhone and other smart phones continue to gain market share at a rapid
rate, hackers will increasingly focus their efforts on mobile devices. However,
it is doubtful that this new wave of hacking will go through an extended phase
of nuisance hacking as was the case with PCs, instead skipping straight to
for-profit hacking. Although the first iPhone or Android malware writers might
be motivated by street cred like earlier hackers, professional criminals are sure
to follow quickly. According to researchers, the newest of the 420 smartphone
viruses identified since 2004 have reached a state of sophistication that took
computer viruses about two decades to achieve [M6]. Figure 6, from McAfee
[M2], illustrates how mobile security threats have been increasing since the
introduction of popular smartphones.
[Bar chart: percentage of respondents (0% to 60%) reporting each issue in 2006, 2007 and 2008. Categories: network or service capacity issues; virus/spyware infections; voice or text spam attacks; third party application/content problems; loss of user data from devices; phishing attacks in any form; privacy and regulatory issues; denial of service attacks.]
Figure 6. The increase in security issues experienced by mobile device users
from 2006 to 2008; % of respondents. McAfee Mobile Security Report 2009
Several features of smartphones make them particularly tempting targets. For
one, mobile users tend to be less guarded than computer users about clicking on
links, enabling SMS phishers (“SMishers”) to gain information or send malware
via a link in a legitimate-looking text message. In addition, mobile phones are a
treasure trove of personal information, such as phone numbers and addresses,
which criminals can extract and sell in the ID fraud marketplace. And, to make
things even easier for cybercrooks, location-enabled smartphones let spammers
personalize malware for each user by mentioning their locale; for example,
by prompting them to click on information about a disaster that supposedly
occurred in their area [M5].
Although not yet as pervasive as PC malware, cell phone malware is beginning
to proliferate, particularly in Asia where cell phones greatly outnumber PCs.
Mobile malware spreads primarily by two methods: MMS and Bluetooth. In
January 2008, Trend Micro researchers discovered a new Symbian virus that
uses both Bluetooth and MMS messages to infect other phones. Disguised
as an innocuous-looking multimedia file, the malicious program is actually a
mobile application installer. Once activated, it creates new files and sends them
as MMS messages to all the victim’s contacts. Since mobile users are more
trusting than PC users about messages from unknown senders, this malware
has the potential to spread very rapidly throughout a smartphone network.
The most worrisome trend in mobile hacking is the spectre of a mobile botnet
—that infamous army of zombified computers programmed to follow a hacker’s
bidding. In the chilling words of one expert, “No one should be surprised
if we see the first major threat of the migration of botnets from traditional
computing devices to mobile platforms. Some smart phones already have more
memory and higher processing power than laptops from just a few years ago. A
constantly moving and adapting mobile botnet presents a compelling business
proposition for hackers and an interesting real-world case study in chaos theory”
[M1].
Figure 7. Device attacks reported by mobile operators, 2005 to 2008: +975%. [McAfee]
Trend #3: The Rush to Network Medical
Devices Outpaces Security
One truly scary attack trend is the growing offensive against medical devices.
A large number of medical devices, such as heart pacemakers, implantable
cardioverter-defibrillators (ICDs), bedside monitors, MRI machines, and portable
drug-delivery pumps, have a CPU and an IP address that enable them to transmit
and receive information, but also expose them to attacks.
Medical devices, which far outnumber hospital PC workstations, are usually
the softest targets on a hospital network, lacking firewalls, malware protection,
strong encryption, or even recent security or OS updates. Medical devices are
increasingly leveraging IP and common OS platforms that enable them to utilize
large libraries of software and communicate more easily. But in the rush to
establish common platforms and network these devices, security concerns have
been poorly addressed.
Mocana’s CEO, Adrian Turner, says, “The same types of attacks that have
traditionally targeted sectors such as consumer electronics are being directed at
medical devices, with potentially fatal consequences. Attacks we’re beginning to
see directed at medical devices include:
• Sniffing (also called snooping) or eavesdropping.
• Theft of sensitive information.
• Data destruction.
• Zombification. A zombie is a device attached to the Internet that has been compromised by a hacker, virus, or Trojan horse, and can be remotely used, without the owner’s knowledge, to perform malicious tasks [D4].
• Bricking. This usually refers to damage to system software or firmware, which would require a complete system wipe and reinstall in order to regain use of the device. In the case of medical devices, this could entail sending the product back to the manufacturer.
In a paper published last year by the Medical Device Security Center about
pacemakers and ICDs, researchers described how they were able to hack into an
ICD and intercept private data transmissions [D3]. They revealed that ICDs could
be hacked to alter patient data or reset how shocks are administered. Tadayoshi
Kohno, a lead researcher on the project at the University of Washington, who has
studied vulnerability to hacking of networked computers and voting machines,
says that “the risks to patients now are very low, but I worry that they could
increase in the future” [D1].
Trend #4: Ubiquity of Easily-Hacked RFID
Technology Threatening Privacy, Driving the
Growth of Sophisticated Identity Thefts
One of the most common attacks on wireless networks is “war driving,” in which
hackers drive around a neighborhood, hunting for unsecured wireless nodes.
In the latest twist on war driving, a security expert cruised around Fisherman’s
Wharf, armed with a cheap RFID scanner and a low-profile antenna, and
managed to clone half a dozen electronic, wallet-sized passports in an hour.
This “war cloning” experiment was so successful, says the researcher, because
the type of RFID in the Homeland Security’s version of a passport emits a real
radio signal, which could conceivably be tracked from a couple of miles away.
Although no criminal hacks of passports or e-licenses have been detected to
date, this insecure technology poses a strong risk for identity theft and invasion
of privacy [R1].
In another RFID hack, anyone with $8 worth of equipment bought on eBay can
sniff the credit card number, cardholder name, and other personal information off
an RFID-equipped, “smart” credit card—without physically coming into contact
with the card. The problem with these “contactless credit cards,” says inventor
Pablos Herman, is that the data is decrypted at the point of sale by a machine
rather than at the card company’s secure data center [R3].
Trend #5: Everyday Home and Office Devices—
Hackers’ Gateway to your Network
In today’s hypernetworked corporate environment, more and more office
machines are equipped with an IP address—which means that even a seemingly
harmless and mundane peripheral, such as a shared printer, can pose a
dangerous security risk. Hackers are increasingly exploiting long-forgotten
or ignored printers, faxes, and scanners to bypass firewalls and penetrate a
network. If, as one amateur hacker has shown, it’s possible to gain access to an
unsecured printer using just Google and a web browser, imagine what a hacker
could do with access to a fax machine and an outside phone line [P1]. No matter
how ordinary, every device on a network needs good security!
Conclusion
Clearly, we’ve come a long way from the days of phone phreaks and Kevin
Mitnick. The latest attack trends threaten not only our privacy, our data, and
our money, but our national security and even our lives. When the possibility
of hackers controlling people’s pacemakers is a topic of serious research, we
know we’re in a new world, one that holds the great promise of connectivity and
ubiquitous computing, but also the potential for criminality and disruption on a
grand scale.
To defend against the new wave of attacks, we need a strategy that is equal
to the adversary—multilayered, complex, and well-organized—and is focused
on the mobile and embedded devices that make up the “internet of things.”
The alternative to protecting these devices (mobile botnets and compromised
water systems; out-of-sync heart pacemakers and stolen identities) presents an
unacceptably high risk.
References and Further Reading
Hacking and the Underground Economy
[H1] Cisco, Inc. Cisco 2008 Annual Security Report, December 2008, URL: http://www.cisco.com/go/securityreport.
[H2] Marc Fossi, Eric Johnson, Dean Turner, et al., Symantec report on the underground economy, November 2008, URL: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_underground_economy_report_11-2008-14525717.en-us.pdf, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFgr)
[H3] Merrick Furst, Richard M. George, George Heron, et al., Georgia Tech Information Security Center Emerging Cyber Threats Report for 2009, October, 2008.
[H4] Siobhan Gorman, “Fraud Ring Funnels Data From Cards to Pakistan,” Wall Street Journal, October 11, 2008, URL: http://online.wsj.com/article/SB122366999999723871.html, accessed 2009-3-20. (Archived by WebCite® at http://www.webcitation.org/5gF1zAfd1)
[H5] “Is Hacking Always Bad?” Hacking Alert.com, URL: http://www.hackingalert.com/hacking-articles/history-of-hacking.php, accessed 2009-3-20. (Archived by WebCite® at http://www.webcitation.org/5gELyrFhH)
[H6] “Malware Trends: What Will Attack Us in 2009?” H-Desk.com, Nov 25, 2008, URL: http://www.h-desk.com/articles/Malware_Trends__What_Will_Attack_Us_in_2009__a45_f0.html, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFhl)
[H7] Networking and Information Technology Research and Development Program (NITRDP), Networking and Information Technology Research and Development, Supplement to the President’s Budget for Fiscal Year 2009, February 2008.
[H8] Pinsent Masons LLP, “Hack Attacks Shift to Applications,” November 23, 2005, URL: http://www.out-law.com/page-6374, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFhS)
[H9] Sophos, Sophos Security Threat Report: 2009, 2008.
[H10] Trend Micro, Inc., Trend Micro 2008 Annual Threat Roundup and 2009 Forecast, 2008.
[H11] ZScaler, 2009 Web Security Predictions, January 6, 2009. URL: http://research.zscaler.com/2009/01/web-security-predictions.html, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFhc)
Mobile Hacking Trends
[M1] Bill Brenner, “Mobile Malware: What Happens Next?” CSO, November 13, 2008, URL: http://www.cso.com.au/article/267157/mobile_malware_what_happens_next?pp=1, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFij)
[M2] McAfee and Informa Telecoms and Media, Mobile Security Report 2009, 2009, URL: http://www.mcafee.com/us/local_content/reports/mobile_security_report_2009.pdf, accessed: 2009-4-2 (Archived by WebCite® at http://www.webcitation.org/5gExlvgs2)
[M3] Elinor Mills, “Mobile: The holy grail at security conference,” CNet News, March 20, 2009, URL: http://news.cnet.com/security/?keyword=smartphones, accessed 2009-3-20. (Archived by WebCite® at http://www.webcitation.org/5gELyrFi4)
[M4] “Mobile hackers cash in on lack of protection offered by networks,” SC Magazine, April 2, 2009, URL: http://www.scmagazineuk.com/Mobile-hackers-cash-in-on-lack-of-protection-offered-by-networks/article/129941/, accessed 2009-3-20. (Archived by WebCite® at http://www.webcitation.org/5gELyrFiZ)
[M5] Sarah Perez, “First Came Geo-Awareness, Then Came Geo-Aware Malware,” ReadWriteWeb, March 17, 2009, URL: http://www.readwriteweb.com/archives/first_came_geo-awareness_then_came_geo-aware_malware.php, accessed 2009-3-20. (Archived by WebCite® at http://www.webcitation.org/5gELyrFiE)
[M6] Pu Wang, Marta C. González, César A. Hidalgo, Albert-László Barabási, “Understanding the Spreading Patterns of Mobile Phone Viruses,” ScienceExpress Report, April 2, 2009, URL: http://www.sciencexpress.org, accessed 2009-3-20. (Archived by WebCite® at http://www.webcitation.org/5gELyrFiO)
Medical Device Attack Trends
[D1] Barnaby J. Feder, “A Heart Device Is Found Vulnerable to Hacker Attacks,” New York Times, March 12, 2008, URL: http://www.nytimes.com/2008/03/12/business/12heart-web.html, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gExlvgsU)
[D2] Maria Fontenazza, “Hackers May Prey on Medical Devices,” Medical Device Link, Medical Device and Diagnostic Industry, URL: http://www.devicelink.com/mddi/archive/09/03/011.html, accessed: 2009-4-6. (Archived by WebCite® at http://www.devicelink.com/mddi/archive/09/03/011.html)
[D3] Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin Ransford, et al. Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses, May 2008, URL: http://www.secure-medicine.org/icd-study/icd-study.pdf, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFit)
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html 15
[D4] Ryan Singel, “WiFi Pacemaker Hack Leads to Real Life Zombie Armies?” Wired,
March 12, 2008, URL: http://blog.wired.com/27bstroke6/2008/03/wifi-pacemaker.
html, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.
org/5gExlvgsg)
SCADA Attack Trends
[S1] Ted Bridis, “CIA: Hackers demanding cash disrupted power - Electrical utilities in multiple overseas cities affected,” MSNBC.com, January 18, 2008, URL: http://www.msnbc.msn.com/id/22734229/, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gExlvgt2)
[S2] Eric Byres, David Leversage, and Nate Kube, Security incidents and trends in SCADA and process industries, May 2007, URL: http://www.mtl-inst.com/images/uploads/datasheets/IEBook_May_07_SCADA_Security_Trends.pdf.
[S3] Alvaro A. Cárdenas, Saurabh Amin, Shankar Sastry, UC Berkeley, Research Challenges for the Security of Control Systems, 1999. URL: http://www.usenix.org/event/hotsec08/tech/full_papers/cardenas/cardenas_html/, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gExlvgtK)
[S4] Glenn Derene, “How Vulnerable is U.S. Infrastructure to a Major Cyber Attack?” Popular Mechanics, April, 2009, URL: http://www.popularmechanics.com/technology/military_law/4307521.html, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gExlvgtT)
[S5] Grant Gross, “Expert: Hackers penetrating control systems,” InfoWorld Security Central, March 19, 2009, URL: http://www.infoworld.com/d/security-central/expert-hackers-penetrating-control-systems-084, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFjb)
[S6] Wes Iverson, “Hackers Step Up SCADA Attacks,” Automation World, November 1, 2004, URL: http://www.automationworld.com/news-957, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gExlvgsq)
[S7] David Lacey, “Apocalypse Soon?” Computer Weekly, March 4, 2009, URL: http://www.computerweekly.com/blogs/david_lacey/2009/03/apocalypse_soon.html, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFjm)
[S8] Nathan McFeters, “Hacking SCADA for terrorism and destruction,” Zero Day (ZDNet), June 12, 2008, URL: http://blogs.zdnet.com/security/?p=1268, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFjS)
[S9] National Cyber Security Research and Development Challenges, Institute for Information Infrastructure Protection (I3P), A Report to the Senate Committee on Homeland Security and Governmental Affairs, 2009.
[S10] “The Return of SCADA vulnerability,” Industrial IT, February 9, 2008, URL: http://www.industrialit.com.au/Article/The-return-of-the-SCADA-security-vulnerability/437404.aspx, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFjw)
[S11] SANS Institute, “Special Webcast: Cyber Attacks Against SCADA and Control Systems—Real World Trends and Real World Solutions,” September 7, 2008, URL: https://www.sans.org/webcasts/show.php?webcastid=90748. (Archived by WebCite® at http://www.webcitation.org/5gExlvgtB)
RFID Hacking Trends
[R1] Kelly Jackson Higgins, “Drive-By ‘War Cloning’ Attack Hacks Electronic Passports, Driver’s Licenses: researcher demonstrates the ease of scanning and cloning new Homeland Security-issued ID cards,” Dark Reading, February 2, 2009, URL: http://www.darkreading.com/security/privacy/showArticle.jhtml?articleID=213000321, accessed 2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFkE)
[R2] Joel Hruska, “Internet tubes dripping with ‘raw sewage’ of DDoS attacks,” Ars Technica, April 3, 2008, URL: http://arstechnica.com/news.ars/post/20080403-internet-tubes-dripping-with-raw-sewage-of-ddos-attacks.html, accessed 2009-3-20. (Archived by WebCite® at http://www.webcitation.org/5gELyrFkW)
[R3] Joanne Kelleher, “Another RFID Hack—Contactless Credit Cards,” RFID Security, March 25, 2008, URL: http://www.securerf.com/RFID-Security-blog/?p=47, accessed 2009-4-22. (Archived by WebCite® at http://www.webcitation.org/5gExlvgtc)
Printer and Everyday Device Hacking Trends
[P1] David Strom, “Beware of Network Printer Hacks,” David Strom’s Web Informant, May 30, 2008, URL: http://strom.wordpress.com/2008/05/30/beware-of-network-printer-hacks/, accessed 2009-4-22. (Archived by WebCite® at http://www.webcitation.org/5gExlvgt)
About Mocana
Mocana secures the “Internet of Things”: the ubiquitous devices of our lives,
our infrastructure, and the enterprise networks to which they connect. As
connected devices proliferate—they already outnumber workstations on the
Internet by about 5 to 1—attacks on these “soft targets” are rising exponentially.
Mocana’s solutions ensure that wired and wireless devices, servers, networks,
and their services all scale securely. Customers include Dell, Cisco, Avaya,
Nortel Networks, Harris, Honeywell, Symbol, and Radvision, among others. The
company was recently named one of Red Herring’s GLOBAL 100—one of the
“Top 100 Privately-Held Companies in the World” for 2008, and also won Frost
& Sullivan’s Technology Innovation of the Year award. For more information, visit
www.mocana.com.
Downloads and Contacts
For details about the Mocana Device Security Framework, visit http://www.mocana.com/device-security-framework.html.
For your 90-day free trial, visit www.mocana.com/evaluate.html.
For pricing and purchase information, email sales@mocana.com or call 866-213-1273.
Mocana Solutions
NanoBoot™: Secure preboot verification for firmware
NanoUpdate™: Secure firmware updates
NanoWall™: Embedded system firewall
NanoSSH™: High-performance SSH client and server
NanoSSL™: Super-small SSL client and server
NanoSec™: Device-optimized IPsec, IKEv1/v2, MOBIKE
NanoEAP™: EAP supplicant and 802.11 extensions
NanoCert™: Certificate management for client devices
NanoDTLS™: Embedded DTLS client
NanoDefender™: Intrusion detection for devices
DSF for Android™: Quick-development security toolkit for Google Android handsets


nytimes. (Archived by WebCite® at http://www. accessed 20093-20. org/5gELyrFit) [D2] [D3] Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.scmagazineuk.au/article/267157/mobile_malware_what_happens_ next?pp=1.mocana. May 2008. 2009.php. “A Heart Device Is Found Vulnerable to Hacker Attacks. March 12. Feder. URL: http://www. ” ReadWriteWeb.com/security/?keyword=smartphones. accessed 2009-3-20. et al.webcitation. Medical Device Link.com/evaluate. accessed: 2009-4-2 (Archived by WebCite® at http://www. González. accessed: 2009-4-6.html . org/5gELyrFij) McAfee and Informa Telecoms and Media.com/mddi/archive/09/03/011. Mobile Security Report 2009. Heydt-Benjamin.devicelink. “First Came Geo-Awareness. URL: http://www.sciencexpress.com/archives/ . Thomas S.org. URL: http://www.html) Daniel Halperin.html. (Archived by WebCite® at http://www.org/5gExlvgsU) Maria Fontenazza. URL: http://www. accessed 2009-3-20. first_came_geo-awareness_then_came_geo-aware_malware.com/us/local_content/reports/mobile_security_ report_2009. webcitation. (Archived by WebCite® at http://www.org/5gELyrFiO) [M2] [M3] [M4] [M5] [M6] [D1] Barnaby J.mcafee. ” April 2. (Archived by WebCite® at http://www.org/5gELyrFiE) Pu Wang. Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. accessed: 2009-4-6. ” Medical Device and Diagnostic Industry.webcitation.webcitation. pdf. Then Came Geo-Aware Malware. URL: http://www.cso. accessed: 2009-4-6.webcitation. URL: http://www. 2009. “Hackers May Prey on Medical Devices. devicelink. November 13.com/2008/03/12/ business/12heart-web. accessed: 2009-4-6. ScienceExpress ” Report.readwriteweb. Marta C. 2009.com/Mobile-hackers-cash-in-on-lackof-protection-offered-by-networks/article/129941/. accessed 2009-3-20.webcitation. 2008.org/icd-study/icd-study. (Archived by WebCite® at http:// www. “Mobile Malware: What Happens Next? CSO. URL: http://news. (Archived by WebCite® at http://www. 2009. 
April 2. “Understanding the Spreading Patterns of Mobile Phone Viruses. CNet News. URL: http://www.org/5gELyrFi4) “Mobile hackers cash in on lack of protection offered by networks.com/mddi/ archive/09/03/011. César A.secure-medicine. URL: http://www. March 17 2009.html. 2008. SC Magazine. “Mobile: The holy grail at security conference.webcitation. Benjamin Ransford. Hidalgo.[M1] Bill Brenner. March ” 20.org/5gELyrFiZ) Sarah Perez.webcitation. ” New York Times.cnet. (Archived by WebCite® at http://www.org/5gExlvgs2) Elinor Mills.pdf. Albert-László Barabási.com. (Archived by WebCite® at http://www.

2009.automationworld. 2009. uploads/datasheets/IEBook_May_07_SCADA_Security_Trends. html.org/5gExlvgtT) Grant Gross. accessed: 2009-4-6.html.org/5gExlvgtK) Glenn Derene. February 9.msnbc. org/5gELyrFjm) Nathan McFeters. accessed: 2009-4-6.popularmechanics. Research Challenges for the Security of Control Systems. accessed: 2009-4-6. Shankar Sastry. (Archived by WebCite® at http://www. “Apocalypse Soon?” Computer Weekly. URL: http:// www. March 19.computerweekly. accessed: 2009-4-6.Electrical utilities in multiple overseas cities affected” MSNBC.org/5gExlvgt2) Eric Byres.webcitation. org/5gExlvgsg) [S1] Ted Bridis.usenix. URL: http://www.webcitation. David Leversage. Institute for Information Infrastructure Protection (I3P). January 18. URL: http:// www.com/news-957 accessed: 2009-4-6 .wired. 2008. UC Berkeley.org/5gELyrFjS) National Cyber Security Research and Development Challenges. URL: http://www.infoworld.mtl-inst.com/ technology/military_law/4307521. (Archived by WebCite® at http://www. 2009.org/5gExlvgsq) David Lacy.pdf. html.com/images/ .webcitation. URL: http://www. 2008. Cárdenas. “How Vulnerable is U.com. URL: http://blog. accessed: 2009-4-6. accessed: 2009-4-6. [S2] [S3] [S4] [S5] [S6] [S7] [S8] [S9] [S10] “The Return of SCADA vulnerability. (Archived by WebCite® at http://www.zdnet. 2008. 2009. (Archived by WebCite® at http://www. November ” 1. 1999. 2008.com/security/?p=1268. Automation World.org/5gELyrFjb) Wes Iverson.msn. A Report to the Senate Committee on Homeland Security and Governmental Affairs. May 2007 URL: http://www.webcitation.com/id/22734229/. “Hacking SCADA for terrorism and destruction.com/blogs/david_lacey/2009/03/apocalypse_soon.com/d/security-central/ expert-hackers-penetrating-control-systems-084. “Expert: Hackers penetrating control systems.html . and Nate Kube. Industrial IT.webcitation. Saurabh Amin. URL: ” http://www. “WiFi Pacemaker Hack Leads to Real Life Zombie Armies?” Wired.com. 
InfoWorld Security ” Central.au/Article/The-return-of-the-SCADA-security- Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.webcitation. Alvaro A.webcitation. Zero Day ” (ZDNet).mocana.com/evaluate. URL: http://www. (Archived by WebCite® at http://www. URL: http://blogs. 2004. Security incidents and trends in SCADA and process industries. Infrastructure to a Major Cyber Attack?” Popular Mechanics. “CIA: Hackers demanding cash disrupted power . “Hackers Step Up SCADA Attacks. March 4.webcitation.com/27bstroke6/2008/03/wifi-pacemaker. (Archived by WebCite® at http://www. (Archived by WebCite® at http://www. June 12. org/event/hotsec08/tech/full_papers/cardenas/cardenas_html/. (Archived by WebCite® at http://www.S.[D4] Ryan Singel. March 12.industrialit. April. accessed: 2009-4-6.

org/5gELyrFkW) Joanne Kelleher. (Archived by WebCite® at http:// www.vulnerability/437404.mocana. ” May 30. accessed: 2009-4-6.org/5gExlvgt) Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www. URL: http://strom. “Another RFID Hack—Contactless Credit Cards. accessed 2009-4-22.org/5gExlvgtB) [R1] Kelly Jackson Higgins. org/5gELyrFkE) Joel Hruska. 2008. February 2. (Archived by WebCite® at http://www. RFID Security. URL: http://www. (Archived by WebCite® at http://www. ” March 25. (Archived by WebCite® at http://www.wordpress. “Internet tubes dripping with ‘raw sewage’ of DDoS attacks.webcitation. Dark Reading. accessed 2009-4-22.sans.com/2008/05/30/beware-of-networkprinter-hacks/.com/RFID-Security-blog/?p=47 . September 7 2008. 2009. (Archived by WebCite® at http://www.webcitation. 2008.com/evaluate.html .org/5gELyrFjw) [S11] SANS Institute.html .jhtml?articleID=213000321. Driver’s Licenses: researcher demonstrates the ease of scanning and cloning new Homeland Security-issued ID cards.darkreading. accessed 2009-3-20. 2008 http://arstechnica.aspx. org/5gExlvgtc) [R2] [R3] [P1] David Strom.webcitation.ars/post/20080403-internettubes-dripping-with-raw-sewage-of-ddos-attacks. (Archived by WebCite® at http://www.com/security/privacy/showArticle. “Special Webcast: Cyber Attacks Against SCADA and Control Systems—Real World Trends and Real World Solutions.php?webcastid=90748. “Drive-By ‘War Cloning’ Attack Hacks Electronic Passports. Ars ” Technica. April 3.webcitation.securerf. “Beware of Network Printer Hacks.org/webcasts/show.webcitation. accessed 2009-4-6. URL: https://www.com/news. URL: http:// ” www. webcitation. David Strom’s Web Informant. ” .

About Mocana

Mocana secures the “Internet of Things”: the ubiquitous devices of our lives, our infrastructure, and the enterprise networks to which they connect. As connected devices proliferate—they already outnumber workstations on the Internet by about 5 to 1—attacks on these “soft targets” are rising exponentially. Mocana’s solutions ensure that wired and wireless devices, servers, networks, and their services all scale securely. Customers include Dell, Cisco, Nortel Networks, Honeywell, Harris, Avaya, Symbol, and Radvision, among others. The company was recently named one of Red Herring’s GLOBAL 100—one of the “Top 100 Privately-Held Companies in the World” for 2008, and also won Frost & Sullivan’s Technology Innovation of the Year award. For more information, visit www.mocana.com.

Mocana Solutions

NanoBoot™: Secure preboot verification for firmware
NanoUpdate™: Secure firmware updates
NanoWall™: Embedded system firewall
NanoSSH™: High-performance SSH client and server
NanoSSL™: Super-small SSL client and server
NanoSec™: Device-optimized IPsec, IKEv1/v2, MOBIKE
NanoEAP™: EAP supplicant and 802.11 extensions
NanoCert™: Certificate management for client devices
NanoDTLS™: Embedded DTLS client
NanoDefender™: Intrusion detection for devices
DSF for Android™: Quick-development security toolkit for Google Android handsets

Downloads and Contacts

• For details about the Mocana Device Security Framework, visit www.mocana.com/device-security-framework.html.
• For your 90-day free trial, visit http://www.mocana.com/evaluate.html.
• For pricing and purchase information, email sales@mocana.com or call 866-213-1273.
