Results 1 to 5 of 5

Third-party applications that are designed to disrupt and cause damage to computer systems are collectively ... Server Admins forum

  1. #1
    hayden's Avatar
    hayden no está en línea Stack Mod
    Join Date
    Jul 2004
    PIN/ID
    ask
    Posts
    12,440

    Protecting the BlackBerry device and BlackBerry Enterprise Server against malware

    Advertisement



    Third-party applications that are designed to disrupt and cause damage to computer systems are collectively known as malware and include the following:

    Viruses
    They replicate themselves by attaching to other, legitimate applications on a computer.

    Trojan horses
    They are disguised as, or embedded within, innocuous or trusted applications. To succeed, Trojan horse applications depend on user action. Therefore, they require successful implementation of social engineering rather than the ability to exploit flaws in the security design or configuration of the target.

    Worms
    They replicate themselves to spread across networks and potentially overwhelm computer systems. A worm is self-contained and does not need to be part of another program to propagate itself.

    Spyware
    this is designed to log user activities and personal data and send it back to the attacker.Some malware attacks may target BlackBerry devices. Attackers may attempt to use malware to execute attacks that are designed to do one or more of the following:

    - steal personal and corporate data
    - create a denial of service (DoS) attack to make a corporate network unusable
    - access a corporate network using corporate BlackBerry devices

    Description

    A presentation by Jesse D'Aguanno, a consultant with Praetorian Global, demonstrated how a BlackBerry device user can download a Trojan horse application onto the BlackBerry device. Malware attacks such as these are possible on any unsecured device, including a desktop or laptop computer, smartphone, and personal data assistant (PDA).
    When the BlackBerry device user runs the Trojan horse application, if the BlackBerry Enterprise Solution security tools are not set to control third-party applications on the BlackBerry device, the Trojan horse may gain access to systems on an internal network.

    Note: Some Internet coverage of Jesse D'Aguanno’s malware demonstration inaccurately reports that a malicious user can successfully initiate an attack by sending a Trojan horse application to a BlackBerry device user using an email attachment. The BlackBerry Attachment Service is designed to prevent malicious applications from accessing data on the BlackBerry device by using binary format parsing to open attachments and prepare them to be sent to the BlackBerry device. The BlackBerry device does not run an application sent as an attachment in an email message. Therefore, an email attachment cannot be used to successfully deliver Trojan horse applications to a BlackBerry device user.


    Troubleshooting
    Whether a BlackBerry Enterprise Server administrator pushes trusted third-party applications to BlackBerry devices or freely permits BlackBerry device users to download third-party applications, BlackBerry devices are designed to prevent attackers from using malware to access a corporate network and BlackBerry devices in the following ways:

    - When you try to download any kind of application, by default, the BlackBerry device first downloads a small portion of the application to determine the hash and to verify whether the application is permitted on the BlackBerry device.

    - In BlackBerry Manager, BlackBerry Enterprise Server administrators set IT Policies and Application Control Policies to control the manual or automatic installation of third-party applications on BlackBerry devices. Administrators also use these policies to control third-party application access to their organization’s BlackBerry device resources and applications.

    - Administrators can also place the BlackBerry Enterprise Solution in multiple network segments by installing each component on a remote computer, then placing each component in its own network segment.


    Using IT Policy and Application Control Policy Rules

    The BlackBerry Enterprise Server provides IT Policy and Application Control Policy rules to control third-party applications using the following methods:

    - Preventing BlackBerry devices from downloading any third-party applications over the wireless network.

    - Either requiring or preventing the installation of specific third-party applications.

    - Controlling the permissions of third-party applications that exist on BlackBerry devices.

    Note:
    By default, BlackBerry devices can install all third-party applications until the BlackBerry Enterprise Server administrator uses one or more of these methods to control the installation of these applications on BlackBerry devices.



    Using Segmented Network Architecture
    Placing the BlackBerry Enterprise Solution components in a segmented network architecture is an option designed to prevent the spread of potential attacks from one BlackBerry Enterprise Solution component, that is installed on a remote computer to another computer within a LAN. In a segmented network, attacks are isolated and contained on one computer.


    Additional Information
    For more information about using a segmented network architecture to prevent the spread of potential malware attacks, see the Placing the BlackBerry Enterprise Solution in a segmented network: BlackBerry Enterprise Server Version 4.0 and later white paper.
    For more information about using BlackBerry Enterprise solution tools and architecture options to control third-party application access to BlackBerry devices, see the Protecting the BlackBerry device platform against malware white paper.
    For more information about BlackBerry Enterprise Solution security features and an overview of the BlackBerry security architecture, see the BlackBerry Enterprise Solution Security version 4.1 Technical Overview.
    For more information on BlackBerry security, go to www.blackberry.com/security.

  2. #2
    melissaox's Avatar
    melissaox no está en línea Device Pro
    Join Date
    Jan 2006
    Posts
    5,344

    Re: Protecting the BlackBerry device and BlackBerry Enterprise Server against malware

    Thanks for the great info!
    Success is not final, Failure is not fatal, it is the courage to continue that matters.
    My Blog , My Flickr

  3. #3
    cp6169's Avatar
    cp6169 no está en línea Device Pro
    Join Date
    Mar 2006
    PIN/ID
    3056468b
    Posts
    14,661

    Re: Protecting the BlackBerry device and BlackBerry Enterprise Server against malware

    ~via BB (wap.pinstack.com)~ Yes thank you, very important info.

  4. #4
    cv's Avatar
    cv
    cv no está en línea Stack level 2
    Join Date
    Apr 2006
    Posts
    46

    Re: Protecting the BlackBerry device and BlackBerry Enterprise Server against malware

    ~via BB (wap.pinstack.com)~nice work. Holistic approach. Many options. My company just shut down all installation of 3rd party apps. No notice to users. No real thought or process on how to enable users to take advantage of safe and accepted productivity tools while keeping the infrastructure safe. Maybe they will read your post and get enlightened.

  5. #5
    hayden's Avatar
    hayden no está en línea Stack Mod
    Join Date
    Jul 2004
    PIN/ID
    ask
    Posts
    12,440

    Updated advisory: Protecting the BlackBerry device platform against malware

    Third-party applications that are designed with malicious intent to cause harm to computer systems are commonly known, collectively, as malware and include the following examples:
    • Viruses: malicious applications that replicate themselves by attaching to other, legitimate applications on a computer
    • Trojan horses: malicious applications that are disguised as or embedded within innocuous-seeming or trusted applications; To succeed, Trojan horse applications depend on user action, and therefore require successful implementation of social engineering rather than the ability to exploit flaws in the security design or configuration of the target
    • Worms: malicious applications that replicate themselves to spread across networks and potentially overwhelm computer systems (a worm is self-contained and does not need to be part of another program to propagate itself)
    • Spyware: malicious applications that are designed to log user activities and personal data and send it back to the attacker
    Some malware attacks might target BlackBerry devices. Attackers might use malware to perform attacks that are designed to
    • steal personal and corporate data
    • create a Denial of Service (DoS) to make a corporate network unusable
    • access a corporate network using corporate BlackBerry devices



Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •