Read Bennett Gold LLP's privacy policies and practices regarding this web site.
LINK TO: Bennett Gold LLP's Privacy Policies and Practices. E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


HACKERS COULD TARGET BLACKBERRIES

Source: Metro West Daily News

Posted on August 16, 2006

      Hackers looking to invade corporate computer systems may soon find a new point of entry: the popular handheld device known as the BlackBerry.

      A computer security expert in California developed what he calls the first Trojan horse capable of targeting BlackBerries. A Trojan horse is a destructive program disguised as something harmless, like a video game.

      "It would definitely be a new threat," said Mike Kibler, owner of Allegiant Systems Inc., a computer network consulting business in Newton. "Any new threat sort of opens a crack, and hackers can then figure out how to get farther."

      The Trojan horse is called BBProxy and is disguised as a tic-tac-toe game that can be e-mailed to a BlackBerry. It was designed by Jesse D'Aguanno of Praetorian Global, an information technology risk management company, who unveiled the program at the DefCon hacker conference in Las Vegas this month.

      BBProxy itself does not attack computer systems. D'Aguanno, according to press reports, said his intent is to educate companies about the potential of hackers accessing internal networks by targeting BlackBerries.

      Because it's a handheld device, most people don't think it's something that can actually harm the rest of your internal network," D'Aguanno said, according to a report on Wired News, a Web site. "But a BlackBerry is not your average handheld....It's a code-running machine that's always on and always connected to your internal network and has direct access to whatever you give it access to. And most company architectures allow it unfettered access to everything on the internal network."

      D'Aguanno could not be reached for comment by the Daily News on Friday.

      The top executives at Boston Scientific in Natick use BlackBerry devices, according to company spokesman Eric Olson. Olson said the company would not comment on the measures it takes to protect the devices from hackers. "It's our policy not to comment on matters involving company security," he wrote in an e-mail.

      A spokeswoman for Bose Corp. in Framingham declined to say whether anyone at the company uses BlackBerry devices.

      "We don't want to compromise our information security systems," Bose spokeswoman Joanne Berthiaume wrote in an e-mail.

      Companies trying to protect wireless networks usually require wireless devices to have specific hardware addresses and encryption keys to gain access to a network, said Rick Roberts, a software developer at Accurate Data Systems in Holliston.

      Security measures get more complicated from there, but these are capable of "protecting against your average hacker," he said.

      Kibler said he's yet to see an attack on a BlackBerry. He said more worrisome security breaches are created when computer users fail to install patches that address known vulnerabilities.

      The U.S. Department of Homeland Security issued an advisory Wednesday urging Windows users to install a new Microsoft security patch that prevents attackers from remotely taking control of computer systems.

      "This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users," the DHS said in a statement.




CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.


ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.