Soon to be released hacking program uses BlackBerry connection to bypass enterprise security mechanisms.
Secure Computing Corporation warns that organizations that have installed their BlackBerry server behind their gateway security devices could be subject to a hacking attack when security researcher Jesse D'Aguanno is scheduled to release the code for his BlackBerry hack next week.
The soon to be released hacking program called BBProxy can be installed on a BlackBerry or sent as an e-mail attachment to an unsuspecting user. Once installed, BBProxy opens a back channel bypassing the organizations gateway security mechanisms between the hacker and the inside of the victims network. Since the communications channel between the BlackBerry server and handheld device is encrypted and cannot be properly inspected by typical security products, a tunnel is most often opened by the administrator to allow the encrypted communications channel to the BlackBerry server inside the organizations network. A malicious person could potentially use this back channel to move around inside of an organization unabated and remove confidential information undetected or use the back channel to install malware on the network.
Secure Computing offers the following common sense network architecture and policy suggestions to reduce the risk of this impending threat:
Related links: (Open in a new window.)
www.wired.com/news/technology/0
71548-0.html?tw=wn_technology_1
Taken from Information Security Bulletin.