The soon to be released hacking program called BBProxy can be installed on a BlackBerry or sent as an e-mail attachment to an unsuspecting user. Once installed, BBProxy opens a back channel bypassing the organizations gateway security mechanisms between the hacker and the inside of the victims' network. Since the communication channel between the BlackBerry server and handheld device is encrypted and cannot be properly inspected by typical security products, a tunnel is most often opened by the administrator to allow the encrypted communications channel to the BlackBerry server inside the organizations network. A malicious person could potentially use this back channel to move around inside of an organization unabated and remove confidential information undetected or use the back channel to install malware on the network.
Sami Mulla, Director of Secure Computing's Middle East operations, offers the following network architecture and policy suggestions to reduce the risk of this impending threat:
• Servers connecting to the public Internet have an inherent risk. Isolating these Internet facing servers reduces the risk of a compromised server providing access to other critical servers. Hence due diligence would require that any Internet facing server like a BlackBerry server should be isolated on its own DMZ segment.
• Only those connections necessary to facilitate the operation of the BlackBerry server should be permitted. The BlackBerry server should not be permitted to open arbitrary connections to the internal network or Internet
• The mail server that is working with the BlackBerry server is also an Internet facing server and should also be isolated on it's own separate DMZ
• Only those connections necessary to facilitate the normal operation of the mail server should be permitted. The mail server should not be permitted to open arbitrary connections to the internal network or Internet
• Internal users should not be permitted to open arbitrary connections to either the BlackBerry server or mail server
Browse
related articles
Secure Computing warns of serious BlackBerry hack threat
- United Arab Emirates: Monday, August 14 - 2006 at 12:47
- PRESS RELEASE
Secure Computing Corporation (NASDAQ: SCUR), the experts in securing connections between people, applications and networks, has warned that organizations that have installed their BlackBerry server behind their gateway security devices could be subject to a hacking attack when security researcher Jesse D'Aguanno is scheduled to release the code for his BlackBerry hack next week.
Related stories
Also consider reading:
Digg
Facebook
LinkedIn
Twitter
Browse
related articles
Today's most read articles:
Log in to request more information from Secure Computing
Notes and media contacts
About Secure Computing:Secure Computing (NASDAQ:SCUR) has been securing the connections between people and information for over 20 years. Specializing in delivering the world's strongest security appliances/firewalls, identity and access management solutions, content management and filtering solutions, Secure Computing is uniquely qualified to be the global security solutions provider to organizations of all sizes. Our more than 17,000 global customers, supported by a worldwide network of partners, include the majority of the Dow Jones Global 50 Titans and the most prominent organizations in banking, financial services, healthcare, telecommunications, manufacturing, public utilities, education and national and local governments. The company is headquartered in San Jose, Calif., and has offices worldwide.
All trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
This press release contains forward-looking statements relating to Secure Computing's warning of a BlackBerry hack and such statements involve a number of risks and uncertainties, including whether the BBProxy code will be released as announced and have the proposed impact, and if released that the policy suggestions will protect a company's network. Among the important factors that could cause actual results to differ materially from those indicated by such forward-looking statements are delays in product development, undetected software errors or bugs, competitive pressures, technical difficulties, changes in customer requirements, general economic conditions and the risk factors detailed from time to time in Secure Computing's periodic reports and registration statements filed with the Securities and Exchange Commission.
For further information, please contact:
Secure Computing
P.O. Box 500414, Dubai Internet City
Dubai UAE
Tel: 00 971 4 3913500,
Fax: 00 971 4 3918668
Orient Planet, PR & Marketing Communications
P.O. Box 23345, Dubai UAE
Tel: 00 971 4 3988901
Fax: 00 971 4 3988941
Website: www.orientplanet.com
Posted by Anne-Birte Stensgaard, Senior News EditorMonday, August 14 - 2006 at 12:47 UAE local time (GMT+4)
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of AME Info FZ LLC / Emap Limited.
This article was updated on Wed Mar 28 2007.
Disclaimer:
Articles in this section are primarily provided directly by the companies appearing or PR agencies which are solely responsible for the content. The companies concerned may use the above content on their respective web sites provided they link back to http://www.ameinfo.com
Any opinions, advice, statements, offers or other information expressed in this section of the AMEinfo.com Web site are those of the authors and do not necessarily reflect the views of AME Info FZ LLC / Emap Limited. AME Info FZ LLC / Emap Limited is not responsible or liable for the content, accuracy or reliability of any material, advice, opinion or statement in this section of the AMEinfo.com Web site.
For details about submitting your stories, please read the guide - all content published is subject to our terms and conditions
It looks like you are using a Mac - check out our 
Web Feeds