A new video out of Rutgers University demonstrates remote control of a rootkit-infected, open source, Linux-based smart phone, allowing the attackers to use the phone as a listening device without the user being aware that the phone is communicating. While using a cell phone as a bug is not a new concept, the proliferation of smart phones enabled with Wi-Fi, Bluetooth and other communication technologies, coupled with built-in services such as SSH, telnet and others, creates a whole new range of threats for control systems.
A couple of months ago I posted a bit about an iPhone virus that was making the rounds. This virus relied on default passwords on jailbroken phones to propagate itself using built-in SSH capabilities. As many users did not bother to change the default passwords, they were at risk, allowing the virus to spread. Coupled with a growing number of SCADA apps for smart phones, I thought it worthwhile to note the possibilities for security issues.
The spread of a smart phone virus raises the question: “What is the potential impact of an infected smart phone to control systems?”
With the rising number of third-party apps being produced for these phones, and in light of Veracode’s State of Software Security report that Jason posted about, we see a huge growth area for potential new 0days in apps that are not thoroughly vetted for security implications. There is also the possibility of malware being produced, packaged and purveyed through the various “App stores” or via freeware: malware with built-in rootkits or other software that communicates externally to report on users’ habits.
The possibility of an infected phone communicating on corporate or control system networks via the built-in Wi-Fi (802.11), or by being meshed with a PC via Bluetooth, is very real. It opens a whole new world of vectors that attackers could employ.