Common Firewall Configuration Used by Mobile Network Providers May Be Susceptible to Data Theft
Firewalls are commonly used in cellular networks to boost security and deter attacks. However when implemented improperly, they can backfire and unwittingly reveal details to hackers. Researchers revealed how attackers could hijack TCP Internet connections by using common information on smartphones, which is publicly available. Hackers can simply use “middleboxes” to intercept data packages and researches detected the presence of middleboxes on a third of 150 networks they tested.
Middleboxes are needed by network providers to improve the security level, but it turns out hackers can use them to do the opposite. Network providers that deploy such devices still believe they are safer, but they should be aware of the security risks.
Middleboxes can observe “sequence numbers” sent to mobile devices. When users snap and share a photograph to others; it is chopped into many data packets before being sent across the network. Sequence numbers are needed to put the photo back together and when hackers capture them, they can re-assemble critical files.