Moving to Mobile – The Changing Face of DDoS

Like any data communication network, mobile networks contain a range of security threats. Though some threats are easy to identify and mitigate, the unique structure and complexity of mobile networks makes security threats elusive. In the past, mobile networks enjoyed the privileges of a “Walled Garden” – a closed, isolated ecosystem – under the full control of mobile carriers that used proprietary protocols and had minimal security risks due to restricted user access. They developed their own technologies, standards and interface systems, and were rewarded with security through carefully constructed obscurity. With the introduction of 4G, Long Term Evolution (LTE) and the IEEE standardization of mobile networks, the secure “Walled Garden” days are over.

This post highlights several security concerns of mobile service providers leaving the “Walled Garden”:

The transformation to fully IP-based mobile networks will most likely involve a transition period, during which existing security vulnerabilities will be exposed to a substantially larger audience. Attackers will easily be able to generate attacks targeting mobile endpoints, overlapping network services between mobile and other networks (such as DNS), and even the core network itself. A full-blown attack on a mobile network has the potential for catastrophic results impacting multiple audiences.

In today’s hyper connected world, an attack on a mobile network could be viewed as a national infrastructure attack. End user privacy may be breached; mobile network operators may lose considerable revenues and confidential government data may be exposed. Network operators and providers, as well as government officials, must agree upon and publish usage policies for times of forbearance. We have already had ‘DoS’ issues with mobile networks during terrorist and even major sporting events. Setting and delivering traffic priorities is a necessary measure.

Recently, a great deal has been published regarding the access provided to hackers throughFemtocells. This is in part due to the same commoditization of network components. To a generation brought up hacking their personal Linksys WRT54G and manipulating firmware for performance enhancement, the modern Femtocell does not represent a huge challenge. That coupled with the reliance on Linux kernels has lead to an upswing in user device manipulation. As the lines of trust change with network edge devices, attackers will have greater opportunities.

When it comes to mobile networks, commoditization is the buzzword. The time of Radio STM255 is gone. Now, Gigabit Ethernet and Dark Fibre are the phrases your backhaul engineer responds to. In today’s day and age, mobile networks are becoming very similar to common IP-based networks, along with the abundant and real security threats. However, while common IP network providers have acquired years of expertise and knowhow defending against cyber threats, mobile networks are years behind in terms of that same accumulated security knowledge. Now, more than ever, it’s imperative for mobile security to catch up with the developments in mobile network technology.

Moving to Mobile – The Changing Face of DDoS