Information leakage via mobile phones

 
Apply for SearchInform DLP TRY NOW

Not all users of modern mobile phones know that gadgets have a built-in mechanism that reads information passing through devices. The ability to read data is needed for police control and terrorism prevention. However, the function can be used not only by law enforcement agencies, but also by private detective agencies, as well as those who have bought mobile devices with specially modified software. This channel of information leakage is also used by some cybercriminals.

Police mode

The technology of autonomous work was developed to improve the service of the ministries of the interior and anti-terrorist units. The technology is capable of activating a mobile phone without the owner's knowledge. How it works?

The remote source instructs the telephone to turn on the microphone. All speech information that is in the coverage area is broadcast on the air through the voice channel. The technology works even when the device is off, the only way to turn it off is to remove the battery and SIM card. This recommendation does not apply to communicators that have built-in backup batteries, so it is better not to negotiate near them without shielding devices.

Sensitive information leaks occur not only through cellular channels, but also through devices such as Bluetooth. It is possible to identify the activation of the microphone by evaluating the unmasking signs: the electromagnetic field and the level of its intensity, indicating the start of the microphone.

The risk of information leakage through the mobile channel also arises due to the fact that providers and cellular operators save the records of telephone conversations and, if necessary, unauthorized people can get to the archive of records. Many detective agencies covertly cooperate with regional providers, so the threat of such information leakage is quite real.

Cybercriminals install spyware on smartphones with the Android operating system that transmit data about the owner's conversations or movements. Signs of spyware include: rapid depletion of Internet traffic; slow device operation; the appearance of an unusual new application and the sudden activity of icons indicating data download from the Internet. The "spy" application most often allows you to remove the features of a regular antivirus.

When carrying out forensic examination of the phone, law enforcement officers may use other professional programs included in the device initially. This allows you to get from memory all passwords and tokens, the history of visited sites in the browser, information from cloud storage. Criminals who have stolen the phone can also use these programs.

Information on the device can be accessed remotely. This includes the determination of geolocation by a photo taken with a mobile phone, and even a subscriber's number. Thanks to technology, law enforcement agencies detained the organizer of the terrorist attack in a supermarket in St. Petersburg.

Other risks of information leakage through mobile devices

A significant part of leaks in companies occurs through bribed or embedded employees. An insider with a mobile phone can do great harm to an enterprise. Therefore, security services should take into account that information leakage can occur through any mobile device.

  • PC connection

The phone, connected to a computer via a USB port, serves as a regular removable storage device to which important files are transferred. Both the internal memory of the device and built-in memory cards are used.

  • Photo and video camera

Smartphones and other mobile devices have good cameras with which you can take photos of documents, record important meetings and negotiations on video. Sometimes, an accidental photo taken by a guest in the office can thwart an important deal or reveal sensitive information. Negotiations can be broadcast on the Web in real time, which damages the reputation of companies and provides important data to competitors. Taking a picture of the screen is easy - a program that prohibits taking screenshots of important information does not interfere with this.

  • Dictaphone

The threat posed by the capabilities of digital voice recorders is forcing companies to monitor the use of mobile phones and other devices during negotiations and meetings. The difficulties associated with decrypting the recording can already be overcome. There are software products that automatically synthesize speech into text. If the reliability of the dictaphone records as evidence can still be disputed, then data leakage can no longer be prevented.

These risks can be dealt with by installing jammers in meeting rooms or by blocking communication channels. It is important to carry out preventive work with personnel and control the use of mobile devices in the office and in production.

Exploiting a vulnerability in mobile devices for commercial purposes

Knowledge of information-reading technologies prompts enterprising professionals to exploit vulnerabilities in mobile devices for commercial purposes. Here are just a few suggestions:

  • Buy a modified mobile, police mode in which it is activated at the request of the buyer. Programmers modify old phone models and sell them through resellers or specialized online stores. Such phones are given to business and personal partners, as if they were accidentally left in places where interesting negotiations for the buyer of the device can be conducted. "Upgraded" devices are used as spy devices without being subject to statutory prohibitions.
  • Buy a phone that is already protected from eavesdropping using technology;
  • Order the development of spyware that intercept calls and text messages, monitor communication in instant messengers and social networks, take screenshots of the smartphone screen, control Internet surfing, photos, videos. Such programs, even without police mode, are ways to remotely turn on and off the microphone and / or camera.
  • Buy technical devices that block the transfer of information: for private use - "Kokon-IVT", "Ladya"; for corporate purposes - "Barkhan", "Pelena 7M2". True, the devices look rough, so an experienced user will immediately understand that the smartphone is shielded.

Algorithm for combating the channel of leakage through mobile phones

Typically, companies use two groups of ways to protect against information leaks through mobile phones: organizational and technical.

Organizational measures include:

  • a ban on important conversations on the phone or near the device, which is regulated by internal instructions and regulations;
  • prohibition to use telephones in meeting rooms;
  • handing over of mobile devices at the entrance to the workplace and checking the voltage of the electromagnetic field.

Specialized equipment of two types is most often used as technical means: active and passive. Passive-type devices scan the phone and, when detecting a working police mode, they turn on the generator of sound interference, which prohibits the transmission and decryption of information. This is only possible for certain models.

If it is necessary to prevent the transmission of data from all devices located in a certain area, you need to use active protection devices that suppress cellular communications within a radius of several tens of meters.

Technical means are used in addition to organizational measures, since most leaks occur due to the actions of employees, and not due to the activation of the police regime.

Information leakage via mobile phones is not a threat to all companies. But if employees know that there are eavesdropping technologies, they use classified information with greater caution in conversations. Even outside the company, remember that the programs installed on the phone and the functions provided by the manufacturer can spread the owner's personal data. Therefore, careful use of gadgets will help protect both corporate and personal information.

15.12.2020