Page 34 - CDM Cyber Warnings February 2014
issue mobile has going against it in securing your IT network. And we can thank Washington for that distinction, when U.S. lawmakers forged the Communications Assistance for Law Enforcement Act (CALEA) of 1994. Essentially, the law calls for mobile carriers and manufacturers to build in wiretap, trap & trace, and other surveillance technology to assist law enforcement to track criminals' locations through their mobile devices. Ironically, the technical architecture born from CALEA to protect us from criminals is the biggest hindrance to protecting us from cyber-based terrorism.

"Because of CALEA, your phone is basically always open," says Jonas Gyllensvaan, mobile security software entrepreneur, and CEO and founder of SyncDog, a solution that provides real-time service visibility for mobile devices and tablets in enterprise IT networks.

"No amount of software or firmware can prevent a malicious operator from setting up a rogue carrier network and cloning a mobile device," Gyllensvaan adds. "The user never knows about the intrusion and it could be weeks before the malicious operator exfiltrates IP from the parent organization. Clearly, this is the hardest type of breach to prevent and the only known defense is hardware-separated, multi-factor authentication."

Hardware-separated, multi-factor authentication has been around for years but is a relatively new technology for mobile devices. MFA separates access from the device with a piece of hardware that is not part of the mobile device bootloader, where the carrier accesses the device. Separating the way the device connects to a network – i.e. removing it from the device-architecture location that the carrier network also accesses – provides a barrier that is encrypted and only accessible with the proper identification key only known to the user and that is linked to the device. If the device is cloned, network access is denied if the identification key is not entered correctly.

The military utilizes hardware-separated MFA for mobile devices but in general, MFA for mobile has yet to become widespread in the public and private sectors. IntegriCell is one commercial solutions vendor that provides hardware-separated MFA for mobile devices. Their product, KeyLime, is an encrypted hardware token that works on any mobile device that has a 1/8" audio jack. The token plugs into the audio jack as if it were a set of ear buds. Once the encryption key is authenticated to the handset, the token can be unplugged and the device is secured and can be used as normally intended.

Industry analysts will argue that IT security solutions are a commodity now, a crowded marketplace of vendors large and small but with seemingly little differentiation. That may be true but the use cases where government and industry have become proactive and prevented cyber intrusion before it happens are few and far between, despite the clever marketing promotional material. Fact is, big data is creating a lot of IT chaos. And doing more IT work with fewer IT resources is making IT harder than ever to manage. Add to the mix a decline in hardware prices (we can just get another server to run that) and the complexity grows exponentially.

We're making it easier for the malicious operator

Big data, complex matrices of IT hardware and legacy software that you didn't even know existed in your infrastructure, too much work/too few resources, overflowing helpdesk tickets… What would it take for a malicious operator to unleash a virus on one of the power grids, or take down an air traffic control system, or shut down the SK Energy oil refinery in South Korea that pumps out over a million barrels per day? If you think any one of
CYBER DEFENSE MAGAZINE - ANNUAL EDITION 34