Security Market Segment LS
Thursday, 19 September 2019 10:05

Simjacker – Australians are safe Featured


All three Australian telcos have confirmed that Simjacker cannot hurt their customers.

In response to the recent Simjacker reporting iTWire approached all three Australian-based telcos for their response to the issue.

As background, the SIMjacker vulnerability was related to the use of "intelligent" SIM cards which were capable of processing configuration commands issued by the phone operator. Well, that was the theory. In fact, the interface was almost totally unprotected and was able to blithely execute any commands delivered to the device by a "bad dude".

The original research paper estimated that about 1 billion phones might be vulnerable, suggesting that another two billion or so were not (based on an estimate of about 3 billion active devices).

A Telstra spokesperson said, "We don't believe our SIM cards are vulnerable to SIMJacker, however we are actively reviewing information as it becomes available and, as always, we continue to collaborate with researchers and the industry on this and other cyber security matters."

As alluded to in the original article, the GSM Association advised Vodafone Australia's parent group of this issue, who in term passed the information to their affiliates and subsidiaries around the world, the Australian operation included.

In speaking with a Vodafone representative, iTWire was advised that the company is quite certain that their customers are safe from this specific method of "hacking" as they do not make use of the S@T browser.

Similarly for Optus, their spokesperson told iTWire, "I can confirm our SIMs do not use the S@T browsers so we are not exposed to this vulnerability. Furthermore, we also mitigate against this specific issue by blocking illegitimate binary SMS messages that could address the SIM vulnerability described."


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.



Recent Comments