The Security Weaknesses of Smartphones

April 24, 2017 by Ravi Das

Introduction

A long time ago, one of the first computers to come out was known as the "TRS-80", which was manufactured by Radio Shack at the time. This computer came out in the late 1970s, and at the time, it was heralded as a breakthrough in computer technology.

It could run and execute software code, written in "BASIC," quite efficiently. Then about a year later, the pocket version of the TRS-80 came out, and it too was branded as a success in the field of computer technology.

Of course, over time, computer technology has evolved in a way which was never predicted before. Many scientists and engineers had predicted that the computer would simply be a hardwired workstation, which would either be left at the office or at home.

The thought never even occurred that one day it could become a portable device which would fit into the size of our hands or even our pockets.

There are many reasons for how computer technology has changed over time, but one key factor for sure in this was the explosion of the Internet. For instance, during the time of the late 1990s, this was the period of the "dot.com" boom. Every new business that was launched had to be branded as "dot.com."

Because of this, people wanted to have quick access to the latest news and headlines of these new companies which were emerging so that they could claim their financial stake in them. This meant that the Internet or Web connectivity had to become much more robust, and of course, a lot quicker to satisfy the needs of the individual.

Not only this, but the ability to access the information and data at any time became even more important.

Thus, the wireless device came into demand. The workstations which were once hardwired and could only remain at a desk now became portable enough that an individual could carry them with great ease and little effort. However, despite these major advantages, businesses and corporations still demanded more.

For example, with the advent of VoIP technology, an individual could easily flip out their portable wireless device, and engage in a conversation with another party over the Internet, or for that matter, even Instant Message and send E-Mails in just a matter of minutes.

However, the disadvantage of this was that it still required extra time to do all of this, and especially, to find a wireless connection to engage in all of these specific activities.

Thus, this need for an almost instant connection to communications as well as the Internet gave rise to the Smartphone. The first variation of this was simply just a cellular device, in which employees could easily text, E-Mail, and send Instant Messages to one another. However, with the extra functionalities added on such as that of video capture, GPS, Mobile Apps, podcasting, etc. this cellular device now became known as the "Smartphone."

One of the primary reasons why this device had the term "Smart" attached to it was that everything that you needed could be done from one central device which could be easily carried on your person. Moreover, today, we are seeing this become a true reality.

Everywhere you go, more than likely, you will find people tethered to their Smartphone device.

In fact, it has even become an extension of both our professional and personal lives. For the road warrior of a business or a corporation, there is even no need to have a wireless device, as he or she can now use the Smartphone to conduct all of their business activities.

However, there is also a flip side to all of the convenience and advantages that a Smartphone can bring: It is one of the most sought-after targets by a Cyber attacker. One of the reasons for this is that, as described before, it has become an extension of us.

Thus, with a simple Malware or Spyware attack, the Cyber attacker can not only garner a lot of information and data, but he or she can also inflict a deep sense of paralysis within an entire population.

Very often, your Smartphone will be targeted, and even hit with a very covert attack. The reality will be that you will never know that you have become a victim until it is too late. In this regard, the Cyber attacker is often very patient in launching their attack, to fully ensure that it will be successful.

There is not one Smartphone device which is non-vulnerable to a Cyber based attack. They all are, including the major brands of the iPhone and the Samsung devices. In this series of articles, we will be examining the threats which are posed to these devices, and the solutions a business or a corporation can implement to curtail these kinds of Cyber-attacks.

In this article, we specifically examine those threats which are posed to the Samsung Smartphones.

The Security Threats Posed to the Samsung Smartphones


It is important to note that the actual Operating System used by the Samsung Smartphones is that of the "Android." It was created and is being currently maintained by Google. It first launched back in 2003 and is used in a number of other Smartphone technologies as well, which includes the likes of LG, Sony, Acer, Motorola, etc.

However, in the last few years, because of its increased level of demand, it has even surpassed the adoption rate of the iOS, the Operating System developed by Apple and which is used primarily in their lines of wireless and mobile devices.

As a result, it has been prone to a number of Cyber and other types of Security breaches and thus has a negative impact upon the actual Samsung hardware which is being used by the customer.

One of the most recent vulnerabilities was revealed just late last year (in October 2016) by an Israeli Security firm known as the "Viral Security Group." In their published whitepaper, they revealed serious gaps in the Samsung "Knox System."

This is a feature which has been implemented into the Android Operating System which is used in the Samsung Galaxy S6 and the Galaxy Note 5 product lines.

The basic premise of the Knox System is to offer enhanced protection to the data (which includes both corporate and personal information/data) which is stored on these respective devices. In a Penetration Testing project known specifically as "KNOXout," security experts at this Israeli company quite easily and effectively took covert advantage of the privilege escalation features which were available at the time in the Knox System.

To launch this type of attack, the Penetration Testers took advantage of another vulnerability which related to the kernel of the Android Operating System. This has been categorized in technical terms as a "Write-What-Where" vulnerability (further details of this can be seen at this link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805).

As a result of this, the Penetration Testers were able to garner complete control over the Samsung device. From this point, the other Security features of the Knox System could be disabled (ultimately gaining root privileges), and even Malware and Spyware based executable files could be injected, thus hijacking all of the confidential data which resided on these wireless devices.

Once this has been retrieved, then the Cyber attacker could have very easily launched very sophisticated and covert types of Identity Theft attacks.

Not only this, but once inside the Knox System, the Cyber attacker could also very easily replace the legitimate Mobile Apps with rogue ones, and from there, lead the user of the cellular device to fake websites, such as those of financial ones, in which he or she would have to submit their username and password combination.

However, this is not the only problem which was prevalent with the Knox System; there were others as well which were discovered through the use of Penetration Testing. Samsung has since claimed to have fixed this major vulnerability and encourages their customers to keep their Smartphone devices up to date with the latest Software Upgrades and Patches which come out.

Apart from this, there are also other techniques in which a Cyber attacker can penetrate through the Android Operating System, and thus affect the Samsung wireless device itself. Here are some examples of this:

  1. Resource Draining:

    The various types and kinds of applications which run on the Android Operating System are known to be rather memory "intensive." In other words, a lot of memory is used, without much forethought given to how to ration this valuable resource so that the device runs in peak and optimal condition. Being aware of this fact, a Cyber attacker can easily launch a rogue Mobile App, thus draining the memory resources even more. In the end, the Operating System will literally "collapse," thus rendering the Samsung device totally inoperable. In a way, this is similar to a Distributed Denial of Service (DDoS) attack on a Central Server.

  2. Installing an Application(s):

    Unlike some other mobile based Operating Systems, the Android OS asks the end user for permission to gain access to the information/data, names of contacts, etc. when the applications are being installed for the very first time. Obviously, most end users want to use their Samsung device as soon as they possibly can, so naively, they allow this to happen. However, unbeknownst to them, a Cyber attacker could very easily be "listening" in on this process, and thus hijack any and all of the information/data which currently resides on the Samsung wireless device.

  3. Covert Eavesdropping:

    If the above situation does indeed actually happen, whereby the end user has permitted the Android Operating System to gain full control to launch new applications virtually, it can then literally read any information/data which is entered into it by the end user at subsequent points in time. As a result, with the Security vulnerability which was presented in the Knox System, a Cyber attacker can launch a covert Malware or Spyware into the Android Operating System and literally "eavesdrop" on the new information/data which is being entered into the wireless device.

  4. Private Network Compromising:

    Given some of the vulnerabilities in the Android Operating System, a Cyber attacker, with any form of advanced knowledge or technical training, can use a specific Samsung wireless device as a "springboard" in which to launch a covert attack on other cellular devices, whether they are Samsung related or not. Thus, in a very similar fashion, the rogue wireless device becomes the "zombie computer" in this regard.

  5. Botnets:

    A much more sophisticated and large-scale version of the above scenario is that of the Botnet. Essentially, this term is a combination of the usage of the words "Robot" and "Network." A Botnet can specifically be defined as follows: "A number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet." (SOURCE: 1).

    Should this kind of attack take place on the Android Operating System, it can have these kinds of effects:

  • All of the hardware which is in the Botnet will malfunction and break down, if not sooner then later, in a way which the end user will not be aware of.
  • Any of the Samsung devices involved in this attack (in actuality, it does not have to be a Samsung device per se, this kind of attack can involve any wireless device make or model) can be used to corrupt and totally disable the information/data on any type or kind of wireless device (this even includes tablets, notebooks, PDAs, etc.).
  • The Cyber attacker can also take complete control of all the wireless devices which are involved in the Botnet and even cause a huge financial burden on the end user by making unauthorized calls, exceeding the bandwidth that is allotted by making use of memory "hungry" resources, etc.
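
The install-time permission prompt described under "Installing an Application(s)" can be reviewed before the end user taps "accept". The following is an added example, not part of the original article: it lists the permissions an app requests and maps them to the threats named above. It assumes the manifest has already been decoded to text XML; the package name, the sample manifest, and the risk mapping are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Real Android permission names mapped to the threats listed in this article.
# The mapping is an assumption made for this example, not an official list.
RISK_MAP = {
    "android.permission.READ_CONTACTS": "data hijacking (names of contacts)",
    "android.permission.READ_SMS": "covert eavesdropping (messages)",
    "android.permission.RECORD_AUDIO": "covert eavesdropping (microphone)",
    "android.permission.CALL_PHONE": "unauthorized calls",
    "android.permission.SEND_SMS": "unauthorized messages (botnet spam)",
    "android.permission.RECEIVE_BOOT_COMPLETED": "persistence (starts at boot)",
}

# Constructed sample: a hypothetical flashlight app that asks for far more
# than a flashlight needs.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the permissions the app requests, in document order."""
    perms = []
    for node in ET.fromstring(manifest_xml).iter():
        if node.tag in ("uses-permission", "uses-permission-sdk-23"):
            name = node.get(ANDROID_NS + "name")
            if name and name not in perms:
                perms.append(name)
    return perms

def audit(manifest_xml):
    """Flag risky permissions and whether the data could leave the device."""
    perms = requested_permissions(manifest_xml)
    findings = [(p, RISK_MAP[p]) for p in perms if p in RISK_MAP]
    return {
        "package": ET.fromstring(manifest_xml).get("package"),
        "findings": findings,
        # Sensitive access combined with network access allows exfiltration.
        "can_exfiltrate": bool(findings) and "android.permission.INTERNET" in perms,
    }

if __name__ == "__main__":
    report = audit(SAMPLE_MANIFEST)
    for perm, threat in report["findings"]:
        print(f'{report["package"]}: {perm} -> {threat}')
```
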

Conclusions

    In summary, the Smartphone has become an extension of both the personal and the professional life of the user. In fact, in today's world, there is no longer even a need for a business or a corporation to maintain a physical presence at all (this, of course, depending on the type or kind of activities in which the organization is engaged).

    After all, now most work can be conducted on the Smartphone, ranging from holding virtual meetings to even composing the documentation which is required for a specific task.

    However, despite these advantages of the Smartphone, it is still one of the prized items on the list for the Cyber attacker. One of the reasons for this is that they realize the feeling of paralysis which can ensue upon the end user if their Smartphone is hacked into.

    This article reviewed in some detail the Security vulnerabilities which are posed by the Android Operating System and the Samsung hardware which utilizes it. The types of threats examined included hacking straight into the Android Operating System, conducting Eavesdropping, Resource Draining, Rogue Application, and Botnet based attacks.

    Our next article will continue to look at the threats to Samsung devices, as well as the iOS Operating System which is used by the wireless devices manufactured by Apple.

    Resources

    Ravi Das

    Ravi is a Business Development Specialist for BiometricNews.Net, Inc., a technical communications and content marketing firm based out of Chicago, IL. The business was started in 2009, and has clients all over the world. Ravi’s primary area of expertise is Biometrics. In this regard, he has written and published two books through CRC Press. He is also a regular columnist for the Journal of Documents and Identity, a leading security publication based out of Amsterdam.

    You can visit the company’s website at www.biometricnews.net (or http://biometricnews.blog/); and contact Ravi at ravi.das@biometricnews.net.