Hack threat to Obama's BlackBerry

President Obama's much-loved BlackBerry is still hackable, claims infamous hacker Kevin Mitnick.

He told FOXNews.com, "You would probably need to be pretty sophisticated, but there are people out there who are.

"If I was the attacker, I would look to Obama's close circle of friends, family and associates and try to compromise their machines at home. The objective would be to get Obama's e-mail address on the BlackBerry."

That address is a closely guarded secret after Obama insisted on keeping his BlackBerry, against White House rules covering personal gadgets.

Mitnick served almost five years in prison after pleading guilty to charges of wire and computer fraud for hacking into computer systems at large mobile phone and IT companies during the 1990s.

He now works as a white-hat security consultant and runs Mitnick Security Consulting.

The White House says only a small circle of associates and senior aides are allowed to exchange e-mails with the president.

Beyond hackers who would target the president for notoriety, there are fears that foreign governments seeking US trade secrets pose a bigger threat.

Fortunately for the US, Obama is seen as technology-savvy and may not be tempted by a simple malicious web link. With social engineering attacks, however, whether the user is tempted can depend entirely on what the link promises.

Responding to our article, Kevin Mitnick writes:

The Fox News reporter misquoted me. I never proffered the "send Obama an email link" social engineering attack. Rather, I thought up several scenarios to obtain information or intelligence from his use of his BlackBerry. See below for the details:

Second, I told this reporter numerous times that I don't believe Obama uses his BlackBerry device for any classified communications – that should be a no-brainer, right?

I did, however, share some attack scenarios that are feasible. One example below I used to surveil the FBI when playing the fugitive game – which would likely work today.

Objective: Identify Obama's current cellular phone number

1.  Compromise his past provider (he's likely to be using the same one).
2.  Obtain past (3 months) billing records (call detail records).
3.  Compromise (current) provider and perform terminating number searches for any mobile device that has dialed or received calls from the same numbers on Obama's past billing records.
4.  Maintain a list of suspect devices (mobile handsets) for further analysis.
5.  Analyze each suspect device's call detail records looking for a similar pattern of call traffic (incoming/outgoing).
6.  Narrow the list of devices down to similar call patterns.
7.  Pull the subscriber data (billing name, address, contact #, device info (IMEI, SIM info) or (ESN if CDMA provider)).
8.  Use mobile operator's intelligent network to find where the device is registered (in real time)... Is Obama near that location?

Once Obama's cellular number is identified the attacker can acquire his text messages by compromising the SMSC (Oracle DB) at the provider, determine his location via cell tower registrations, and capture his call traffic (via real time CDR).

Objective: Obtain Obama's email address.

1.  Identify Obama's close circle of friends and family.
2.  Compromise these target systems (phishing, wifi, etc.) and install a trojan.
3.  Steal authentication credentials stored on target system or via keylogger (web based email).
4.  Watch email communications... eventually the attacker may hit pay dirt.

As far as compromising his BB device, I said it would be difficult but not impossible depending on whether he uses BB's browser. The possible attack scenario I explained to the reporter was:

1.  Identify vulnerability in BB's browser that allows execution of arbitrary code.
2.  After compromising his provider, identify what sites Obama visits on his BB (this can be logged by an attacker in the provider's intelligent network).
3.  Identify the sites visited that are not so popular (minimize the potential victims) and compromise these targets (every BB visitor).
4.  Plant exploit code to execute payload -- whatever that is...
5.  Wait... and see what happens.

I brought up several others but the article omitted most of what I discussed... go figure...

Best regards,

Kevin Mitnick