Home opinion-and-analysis Cornered! Intercepting cellphone calls really is child's play

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Subscribe now and get the news that matters to your industry.

* Your Email Address:
* First Name:
* Last Name:
Industry:
Job Function:
Australian State:
Country:
Email marketing by Interspire
weebly statistics
Since my earlier comments  on reports that mobile phones can be compromised and calls intercepted, simply by sending an SMS that contains reprogramming instructions, the originator of the technique has responded to the questions I raised.

It now appears that the compromised phone, unbeknownst to the user, simply creates a three way conference call with the attacker for every call made and received. Scary!

German security company, SecurStar, claimed to have uncovered the first serious threat to the security of cellphone conversations, saying that "Simply by sending an invisible and unnoticeable SMS message to a particular cellphone, spying on cell phone users has become child's play."

I suggested that the security of mobile phones had long been compromised by the development of IMSI- catchers, hardware devices that intercept GSM calls over the air and exploit weaknesses in the GSM encryption algorithm.

 Wifried Hafner, CEO of SecurStar responded to this, telling me: "Yes IMSI catchers have been around for several years but it is not easy to get such equipment and monitoring cannot be made by just anyone."

I also queried his claim that interception is 'child's play' since he had given no indication as to how the call is retrieved from the compromised phone. It does indeed appear to be child's play. Here is what Hafner told me:

"We can sent a service SMS to any phone (regardless of the operating system) and reprogram the SIM card and/or parts of the phone. (A service SMS is a specially formatted SMS that contains data instructions for the reconfiguration /programming and/or update of phones and SIM cards.).

"While usually a service SMS should be sent by the provider to upgrade the SIM card and configure the phone, normal users can also simulate this and send a service SMS. Here the phone and SIM card of the victim are reprogrammed in a way that each entering or exiting phone call are silently conferenced with the attacker.

"It is the victim's phone that creates a second 'hidden' conference call to the attacker. Also the victim pays for this second telephone call. (Equivalent to a 3-way conference call) In order not to show on the monthly bill, the attacker can chose to get called on an anonymous 0800 number that is redirected through VoIP. In this way the call is not charged to the victim and the number does not appear on the monthly statement."

PROTECT YOURSELF AGAINST BANDWIDTH BANDITS!

Don't let traffic bottlenecks slow your network or business-critical apps to a grinding halt. With SolarWinds Bandwidth Analyzer Pack (BAP) you can gain unified network availability, performance, bandwidth, and traffic monitoring together in a single pane of glass.

With SolarWinds BAP, you'll be able to:

• Detect, diagnose, and resolve network performance issues

• Track response time, availability, and uptime of routers, switches, and other SNMP-enabled devices

• Monitor and analyze network bandwidth performance and traffic patterns.

• Identify bandwidth hogs and see which applications are using the most bandwidth

• Graphically display performance metrics in real time via dynamic interactive maps

Download FREE 30 Day Trial!

CLICK TO DOWNLOAD!

ITWIRE SERIES - IS YOUR BACKUP STRATEGY COSTING YOU CLIENTS?

Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup

FIND OUT MORE!

Stuart Corner

 

Tracking the telecoms industry since 1989, Stuart has been awarded Journalist Of The Year by the Australian Telecommunications Users Group (twice) and by the Service Providers Action Network. In 2010 he received the 'Kester' lifetime achievement award in the Consensus IT Writers Awards and was made a Lifetime Member of the Telecommunications Society of Australia. He was born in the UK, came to Australia in 1980 and has been here ever since.

Connect