Business an 'easy' phone hacking target

2011-06-20 09:42

London - British mobile carriers have tightened voicemail security since a phone-tapping scandal at News Corp's News of the World tabloid, but technological advances mean eavesdropping is easier than ever.

Politicians, actors and sportspeople have been top targets as front-page story fodder, but businesspeople with access to commercially sensitive information may be the next victims.

Soccer player Ryan Giggs this week became the latest celebrity to say he was suing the newspaper for intercepting his mobile phone messages, joining dozens of others including actor Jude Law .

But the practice, dating back to the mid-2000s, of trawling voicemails for scandal - which could yet threaten News Corp's $14bn bid for UK broadcaster BSkyB - looks primitive compared with privacy invasions possible today.

Intercepting phone calls, an activity that until recently was largely limited to governments and organised crime, is now well within the reach of motivated individuals or unscrupulous private investigators, as equipment prices plummet.

Spyware applications

"I'd be very surprised if no criminal organisation understood this potential and wasn't already doing this," said hacker Karsten Nohl, who helped expose a security flaw in the widely used GSM mobile network standard last December.

"In particular, business people with stock-relevant information would be prime victims of this kind of attack," he said.

A recent trawl by the GSM Association group of mobile operators found 18 different spyware applications sold openly on the internet, at prices ranging from $29.99 to $847.

Most of these require the snooper to get hold of the target's phone to install the necessary software.

But now phone calls can be targeted through the network with no need to gain possession of the device, and without leaving traces. A new industry has begun to spring up to take advantage.

"Over the past two years there's been a commodisation of tools to hack into the GSM network," said Nigel Stanley, practice leader for security at European IT research and consultancy firm Bloor Research.

"If you have the necessary criminal energy, it wouldn't be hard to find someone to supply the necessary equipment," said Bjoern Rupp, chief executive of GSMK CryptoPhone, which makes high-end secure phones.

Secure algorithm

The vulnerability of the 20-year-old GSM standard, used by billions of people in about 80% of the global mobile market, was clearly demonstrated last December by Nohl together with fellow hacker Sylvain Munaut.

The two demonstrated an interception at the Chaos Computer Club Congress in Berlin, using a toolkit of four cheap phones, a laptop and some open-source software to hack the A5/1 algorithm used to keep GSM voice conversations confidential.

"We always knew that the day would come when algorithm A5/1 would be vulnerable," said James Moran, chief security officer of the GSM Association.

The GSM Association has developed a new, more secure algorithm but it is hard to deploy in older networks. It has also made available a security patch that is easier to implement, but Nohl said it had not been widely deployed.

Nohl is currently conducting tests on networks around Europe and said he had been able to attack all the GSM networks in London, France, Germany and the Netherlands during recent tests, using kit that a computer studies student could build in a week.

Nohl said he estimated an entire surveillance operation could be built around a person or organisation today for under €30 000 ($42 000) - about one-tenth of the price it might have cost four or five years ago.

Among the British operators, only Vodafone is rolling out the GSMA's security patch to protect its network.

Confidential information

Orange and T-Mobile , who have recently merged their networks, are looking at security options but have no firm plans.

O2 said it was reviewing the GSMA's patch to see whether it was an appropriate response, but pointed out that the majority of calls on its network were now carried by the 3G UMTS technology, which does not rely on the A5/1 privacy algorithm.

Britain's smallest operator, Hutchison Whampoa's 3, has a 3G only network, so the question does not arise.

For those with a few thousand dollars to spare, secure phones are available from suppliers such as GSMK CryptoPhone or Cellcrypt and are used by top government officials, senior executives and celebrities.

But many ordinary businesspeople privy to confidential information have no such option, and may prefer to discuss business by phone than in writing, for compliance reasons.

"We are seeing a growing tension between organisational security requirements and personal convenience requirements with people often discussing sensitive issues on mobile phones to get their jobs done faster or because they have no other practical choice," said Cellcrypt CEO Richard Greco.

Eavesdropping on phone conversations is illegal in most countries including Britain, except by certain government bodies on grounds of national security, crime prevention or other public-interest reasons.

Unregulated industry

But Britain's private-detective industry is unregulated, despite the efforts of the Association of British Investigators, which has been lobbying for years to regulate the industry.

"There's those who belong to an association or advertise in the yellow pages or have a website, and then there's the brokers of information," said a spokesperson for the association. "These people make a lot of money."

"Most of them are one man bands, operate out of a back bedroom, do a reasonable job," he said.

"But it's possible for any extreme criminal element or somebody on the sexual offences register to set up in business this afternoon... they are a danger and sadly that's the situation."

Read more on:    cybercrime
NEXT ON NEWS24X

Read News24’s Comments Policy

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
0 comments
Add your comment
Comment 0 characters remaining
 

Inside News24

 
 

ANCYL: Not voting would be blasphemy

Not voting in the forthcoming elections would be blasphemy, the ANCYL says in a statement commemorating the 50th anniversary of struggle icon Nelson Mandela's Rivonia trial speech.

 
 

Latest elections multimedia

Why Jack Parow wants you to vote on 7 May
The ad the SABC doesn't want to air
Elections 2014 in one cartoon
This year's election posters
 
Traffic
Lottery
 
  • Thursday Sir Lowry's Pass - 05:35 AM
    Road name: Old Sir Lowrys Pass Road
    TRAFFIC LIGHTS not working at Bezweni Road
  • Thursday Cape Town - 05:35 AM
    Road name: Buitengracht Street
    TRAFFIC LIGHTS not working at Waterkant Street
 
More traffic reports...
 

Jobs in Cape Town [change area]

Property [change area]

Travel - Look, Book, Go!

Escape winter, head to Mauritius

Escape winter by spending 7 nights in Mauritius' tropical bliss from R13 215 per person sharing. Includes return flights, airport transfers and accommodation. Book now!

Kalahari.com - shop online today

Get many eggs in one basket!

Gaming bundles: 2 Super Hits games for R99, 3 Disney games for R99 and more + exclusive accessory bundles only available on kalahari.com. While stocks last. Shop now!

25% off bestselling books!

The Real Meal Revolution by Tim Noakes, Jeffrey Archer’s Be Careful What You Wish for, Man’s Search for Meaning by Victor E. Frank and many more titles. Shop now!

Up to 25% off electronics

Buy top electronics and save up to 25%. Such as kalahari.com’s 1# selling product the gobii eReader, Patriot X Porter flash drive, Asus Nexus 7” 3G tablet, Samsung Galaxy SIII, Lenovo G580 Notebook and many more. Shop now!

DStv HD PVR Decoder now R949

The DStv HD PVR Decoder has further revolutionised the television experience with lifelike viewing, sharper images, more vibrant colours and precision picture quality. Now R949, save R550. Offer valid while stocks last. Shop now!

Up to 30% off appliances & homeware

Save up to 30% on appliances and homeware this Easter! Offer valid while stocks last. Shop now.

OLX Free Classifieds [change area]

Samsung Galaxy s4

Mobile, Cell Phones in South Africa, Western Cape, Cape Town. Date October 24

Best bargain in big bay

Real Estate, Houses - Apartments for Sale in South Africa, Western Cape, Cape Town. Date October 25

VW Golf 6, 1.6 Trendline (Excellent condition)

Vehicles, Cars in South Africa, Western Cape, Cape Town. Date October 25

Samsung Galaxy Tab P7500 10.1" Tablet With WiFi & 3G

Samsung Galaxy Tab 10.1 gives you a better experience for...

From R4999.00

I'm shopping for:

Horoscopes
Aquarius
Aquarius

There may be a break through, either through quiet contemplative time to connect to your deep side or forced on you by...read more

There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.








Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.