Are your customers' users at risk for commjacking? It's gotten easy and cheap for criminals to set up open wireless networks that look legitimate but are a ruse to enable commjackers to steal data including unencrypted email, credit card numbers and more. Here are the details.
Dror Liwer, chief security officer for CoroNet
One of the things that IT security folks don’t appreciate about the proliferation of mobile computing devices everywhere is how trusting those devices are. Every mobile computing device just naturally assumes that a radio signal within its reach is a trusted source of Internet access.
It turns out, however, that digital criminals are starting to abuse that trust by setting up fake wireless networks to hijack those radio signals using a process commonly referred to as “commjacking.” Once a fairly expensive ruse to set up, there are now open source kits that can be had for as little as $29 that enable criminals to set up a wireless network that for all intents and purposes looks like any other open wireless network. Once a mobile device connects to that network the digital criminals that run it simple steal all the data they can, including everything from credit card numbers to any unencrypted emails.
To help MSPs combat that threat CoroNet has developed namesake software that employs “sonar echoing” technology to map the behavior of networks surrounding a mobile device using 300 parameters defined by CoroNet. Capable of running on Windows, Apple iOS and Google Android devices, the software than makes use of behavioral algorithms to actively monitor radio networks to identify anomalies that betray the presence of a commjacker.
The scope of commjacking
That data is then fed back to a machine learning system that contrasts that data with information in publicly available databases to keep track of variants and mutations of new attack vectors being employed by commjackers, which Dror Liwer, chief security officer for CoroNet said are not only being launched via fake wireless networks, but also cellular base stations that have either been compromised by hacker or have been deployed by digital criminals for the express purpose of hijacking cellular traffic.
Worse yet, Liwer noted that many of the Internet of Things (IoT) applications that are currently under development make use of the same radio signals as mobile computing devices. Given the sensitivity of the data in those applications, Liwer said it’s only a matter of time before those radio communications are hijacked, which is why CoroNet developed a software development kit (SDK) that enables its software to be embedded in those applications.
As hackers gain access to ever more sophisticated technologies the challenges MSPs will face from a security perspective will multiply by several orders of magnitude in the months and years ahead. The good news is that at organizations become more security conscious the MSP that can address those issues is going to have a distinct advantage over competitors. Of course, there’s no such thing as “perfect security.” But by the same token, that doesn’t mean that MSPs should make it easy for the bad guys to quite literally hijack their customers either.