Wireless Week

Mobile Security: Stopping the Threat at the Source
Wed, 05/30/2012 - 7:15am
Doug Miller, Nominum

As epidemics go, or pandemics for that matter, the spread of Bird Flu has nothing on the huge security threats looming for mobile networks and mobile subscribers. Granted, Bird Flu has far-reaching health implications, but in sheer volume and the ability to wreak havoc over several continents, threat proliferation within the mobile network is moving at a clip 50x faster than that of fixed broadband. This is the same seedy criminal element that has been lurking on your PC for years, trying to find unique access to personal consumer information.

Why the shift to the mobile network? When career criminal Willie Sutton was asked why he robbed banks, he simply replied: “Because that’s where the money is.”

The mobile exploits of criminals aren’t widespread – yet; inherent security protections built into mobile devices, operating systems and networks have thus far largely deterred malware that gets secretly downloaded to mobile devices. But mobile users are still subjected to socially engineered attacks like phishing and new technologies (like QR codes) that expose them in new ways. Moreover, the faster speeds associated with 4G networks allow consumers to do more over mobile networks and with more devices than simply the mobile phone. A growing number of devices such as PCs, tablets and other non-traditional “mobile equipment” are connecting to faster mobile networks and performing more mainstream computing functions such as banking, shopping and managing personal information. All this data now residing in mobile cyberspace makes it the perfect new playground for criminals and hackers.

Downloading security software updates as new threats arrive works well for a PC user on a fixed broadband network, but gobbling up bandwidth and time for the on-the-move mobile user will be a gigantic turn-off for both the mobile network operator and the consumer. For network operators, aggregate bandwidth consumption for application updates will be substantial, and there is a real cost associated with its use. There are other more delicate issues associated with mobile, too. Mobile devices, in general, provide less opportunity to utilize context and cues to alert users of security threats. Small screens create unique human challenges. With less display area, there’s a reflexive tendency to scroll to where the action is on the screen, and even experienced users may miss important cues indicating a security threat, for instance, by quickly scrolling below the address bar in a browser window.

Criminals are dependent on networks for launching their exploits, and they’re also dependent on the network to harvest their gains: they need phishing sites to gather valuable personal information, drop-off sites for malware to upload personal information, and in the future, Command and Control for botnets. These telltale signs reveal their presence.

From a pure network perspective, there is also the issue of stopping outbound spam at its source. This message is important not just for PCs connected to mobile networks but increasingly for smart mobile phones as well. The key to solving this is to make sure spam never leaves the network from where it originates. Network providers are interested in this for a number of reasons, most importantly because if their network hits a blocklist, it can prevent all emails from being received by organizations that use the blocklist. This diminishes the provider’s reputation in the eyes of its peers. There is also very real damage to the brand and typically real costs associated with support calls from unhappy users, lost customers and wasted network resources.

There are some common techniques for controlling outbound spam, but an often overlooked option is to control outbound spam with Domain Name System (DNS)-based solutions. Since most spam today is sent by bot-infected hosts, it’s straightforward to use DNS-based solutions to identify which hosts on a network are communicating with known botnet command and control systems. It’s equally easy to block these communication channels so infected systems, whether mobile phones, tablets or dongle-connected PCs, can’t get any instructions and thus can’t send spam. Mail-generating queries from infected hosts can also be blocked, to prevent spam from being sent, or redirected to a mail gateway where the messages can be handled according to operator policies.
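The two policies described above, applied to a resolver query log, as an added example that is not code from the article or from Nominum. The blocklist, client addresses and log format are constructed, and treating "mail-generating queries" as MX lookups is an assumption.

```python
# Added example: the two DNS policies from the article applied to a resolver query log.
# Blocklist, addresses and log format are constructed; .example names are placeholders.
C2_DOMAINS = {"c2.botnet.example", "update.badhost.example"}

# Constructed log, one query per line: "timestamp client_ip qtype qname"
SAMPLE_LOG = """\
2012-05-30T07:15:01Z 10.20.0.5 A www.bank.example.
2012-05-30T07:15:02Z 10.20.0.7 A node4.C2.Botnet.Example.
2012-05-30T07:15:03Z 10.20.0.7 MX mail.corp.example.
2012-05-30T07:15:04Z 10.20.0.9 MX mail.corp.example.
2012-05-30T07:15:05Z 10.20.0.5 A xc2.botnet.example.
malformed line
"""

def is_c2(qname):
    """True if qname is a blocklisted domain or a subdomain of one.
    Compares whole labels, so xc2.botnet.example does not match c2.botnet.example."""
    labels = qname.rstrip(".").lower().split(".")
    return any(".".join(labels[i:]) in C2_DOMAINS for i in range(len(labels)))

def classify(log_text):
    """Return (infected_hosts, decisions); each decision is (client, qname, action)."""
    queries = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than guess at fields
        _, client, qtype, qname = parts
        queries.append((client, qtype.upper(), qname))
    # Pass 1: a host that looked up a C2 name anywhere in the log is treated as infected.
    infected = {client for client, _, qname in queries if is_c2(qname)}
    # Pass 2: per-query policy. Assumption: "mail-generating queries" means MX lookups.
    decisions = []
    for client, qtype, qname in queries:
        if is_c2(qname):
            action = "BLOCK_C2"
        elif qtype == "MX" and client in infected:
            action = "REDIRECT_TO_MAIL_GATEWAY"
        else:
            action = "ALLOW"  # includes MX lookups from hosts with no C2 contact
        decisions.append((client, qname, action))
    return infected, decisions

if __name__ == "__main__":
    hosts, decisions = classify(SAMPLE_LOG)
    print("infected hosts:", sorted(hosts))
    for client, qname, action in decisions:
        print(f"{client:12} {qname:28} {action}")
```

Matching on whole labels keeps look-alike names off the blocklist, and the MX lookup from 10.20.0.9 is allowed because that host never contacted a listed domain.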

These two simple techniques can eliminate a huge proportion of outbound spam with minimal false positives. There is little impact on the DNS, and there is no need for additional equipment in the network, such as security-specific appliances. Leveraging the DNS as a network-based security solution offers even more benefits. Most importantly, it allows network operators to demonstrate an active commitment to protecting their customers – enhancing their safety online and improving their overall Internet experience, while preserving precious mobile bandwidth.

DNS has evolved from a protocol to an efficient network infrastructure tool that provides high performance and security.  Protecting the network from malicious attempts to prevent network access or steal personal information is something mobile networks must consider. Beyond the ability to provide a reliable DNS function, this ability to secure networks should be considered a requirement. That in and of itself is worth the investment. 

Doug Miller is general manager, Mobile Solutions, at Nominum (www.nominum.com).