News & Resources

Security Advice

Download as PDF

Cellular Phone Security - BlackBerry

The Security of a BlackBerry can be Compromised Without the Owner's Knowledge

August 26, 2010

The use of a cellular phone introduces potential risks.  Because today’s phones are highly sophisticated computers, they are subject to device hijacking and infection which may compromise privacy and security and allow an unauthorized third party to access data and communications.

Blackberry Device Security 
Blackberry devices are particularly prone to malicious attack as they are ubiquitous in nature and contain a wealth of personal and private information.  It is possible for the security of a Blackberry to be compromised without the user’s knowledge and with no alert notification.

  • Wireless Infection:  Spyware and malware can be installed on a Blackberry through a Bluetooth connection.  If the Blackberry is within Bluetooth range of an infected device, the potential exists for the device to become wirelessly infected.
  • Security Compromise: An infected Blackberry may allow an unauthorized third party to monitor BBM and SMS messages, access e-mail and contact lists, and eavesdrop on phone conversations.
  • GPS and Location Identification:  An infected Blackberry may transmit real time location information and track movement of the device.

T&M analyzes the current configuration of the Blackberry to determine if the security has been compromised and takes the necessary steps to remove any rogue applications, spyware, or malware.  The device is then fully encrypted and the security settings are configured to greatly reduce the risk of being infected in the future.

Blackberry Enterprise Server
A Blackberry device may connect, transmit, and synchronize data through a Blackberry Enterprise Server (BES).  If the security of the BES is compromised, confidential messages sent to and from the Blackberry may be intercepted or re-directed.  Therefore, in conjunction with a security review of the Blackberry device, T&M recommends a security review of the BES.  T&M verifies the integrity of the existing BES and configures all security and encryption settings to ensure data transmitted through the BES remains encrypted and secure.

For more information, please contact:

Paul G. Lewis
Vice President, Data Forensics 

Click here for more information on T&M's Data Forensics services.