Sep 15, 2011

New Mobile Malware and SCADA Testing Updates to BreakingPoint Products

by Pam O'Neal

If there’s anything scarier than the Stuxnet attack and its variants, it would have to be the rapid proliferation of mobile malware. 2011 has seen exponential growth in mobile malware, fueled by the pace of smartphone adoption. Lookout Mobile just published a mobile threat report that estimates between a half million and one million users were affected by mobile malware in the first half of 2011. The takeaway: Don’t expect to see this trend reverse in 2012. Start preparing now.

Doing our part to minimize the impact of security threats, we recently added more mobility testing and SCADA testing capabilities to the BreakingPoint products. As customers know, adding fresh new applications, live security attacks, and malware is an ongoing mission for our BreakingPoint Application and Threat Intelligence (ATI) research team. It’s the only way to test network gear and infrastructures with the most authentic user behavior.

This week, the ATI team added new protocols that allow users to test with traffic from the iPhone App Store and even YouTube on the iPhone. With these new protocols and our 28,000 unique malware attacks, customers can easily measure the performance and effectiveness of wired and wireless networks.

On the Stuxnet front, the team developed a few new SCADA attacks to expand our library of more than 4,500 live security attacks. And there are many more to come. Steve McGregory, who leads BreakingPoint’s ATI program, explains, “Stuxnet was the catalyst to bring awareness to SCADA, and a new army of hackers are looking to exploit these systems. It’s a legitimate concern that a successful SCADA attack could turn out the lights in an entire state—or worse.”

Prior to the addition of these SCADA attacks, I provided a short tutorial on this blog about how to simulate Stuxnet-style attacks. The addition of these new SCADA attacks provides even richer capabilities for creating realistic attacker behavior to fully vet your protection against this particularly nasty attack.

Speaking of nasty attacks, BreakingPoint’s field consultants have been building dozens of new Denial of Service (DoS) and Distributed Denial of Service (DDoS) test cases that will be available for use soon. More on the ever-popular DoS testing topic in another post. For now, I encourage you to download the new application protocols and attacks through the BreakingPoint StrikeCenter and check back frequently for updates. BreakingPoint’s DoS and DDoS testing service has become one of our most popular offerings, so our test cases and attack coverage are expanding rapidly.

Related Content: