Gary Strickland-Clark of Gold Lock Group writes on hacking and mobile security.
If News International has achieved nothing else, it has extended to the security industry a great service by raising, almost to fever pitch, the awareness of the vulnerabilities of mobile communication. Security and telecommunications professionals are now being asked to secure mobile communications but it is important to be clear about what the vulnerabilities are. Here is a quick rundown of the main threats and how to protect against them:
Hacking
Where phones are concerned, โhackingโ has come to mean voicemail hacking using a phone. The protection against this is simply to change the PIN from the standard setting to one that canโt easily be guessed. Also ensure messages are deleted as serious hackers may be accessing the voicemail servers or have access through a mobile operator insider. Encourage people to use voicemail sparingly and only to request a call back, nothing more.
Interception
The GSM mobile networks should be regarded as untrusted networks; you should assume somebody is listening. There are two places where a mobile call is most likely to be intercepted: Between the handset and the base station and at the mobile operatorโs โexchangeโ (data centre). The once exotic equipment required to intercept mobile calls as radio transmissions is now affordable and relatively easy to obtain. The GSM network specification requires the handset to authenticate to the network, but does not require the network to authenticate to the handset. This well-known security hole can be exploited by an IMSI catcher (โman in the middleโ attack). The IMSI catcher (a PC with a radio transceiver) mimics a base station and logs the IMSI numbers of all the mobiles in range as they attempt to link to the โbase stationโ. It forces the mobile phone to revert to a lower grade protocol (A5/0 mode) which uses no call encryption, making the call data easy to intercept and convert to audio. The IMSI catcher presents itself to the real base station using the identity of the intercepted phone, thus allowing the interception to continue undetected. IMSI catchers are illegal in most countries.
Every network operatorโs licence includes an obligation to provide interception facilities to law enforcement authorities. In the UK the legitimate use of this facility is overseen by the Interception of Communication Commissioner. His responsibilities and annual reports to Parliament are published on various websites. Many countries, however, blur national and economic security and there are many documented cases of foreign authorities using their interception capabilities to support commercial and political agendas.
Protection against these illegitimate uses of interception requires encryption of the call itself. Effective call encryption encrypts / decrypts the call at the handset and, preferably, diverts the call to the data network to avoid conventional interception. The most critical thing is to understand whether the provider of the encryption is obliged to provide a backdoor to its products. Many countries require this of encryption product providers for legitimate law enforcement purposes. We must assume, however, that where such a facility exists, it will be abused. Get a guarantee that no back door exists.
Trojans and spyware
Any smartphone provides an opportunity to covertly install an application that compromises security. Spyware can be hidden in a downloaded app, secretly installed when visiting websites or clicking on links in emails. Mostly they are secretly installed by somebody who has access to your phone. A quick Google of terms such as โmobile spywareโ or โmobile spy softwareโ will confirm the proliferation of these applications.
Mobile phone spyware covers a number of functions. Activity in the phoneโs immediate environment, can be overheard using a second remote phone, or, along with calls made on the phone, recorded and forwarded as a data file to an email address. It is also possible to forward a duplicate of all incoming and outgoing SMS messages to a pre-set number. Spyware applications โcatchโ the communication from the microphone before any encryption takes place and so must be managed as a separate threat, not addressed by voice encryption. Also, consider that the threat may not be coming from the userโs own phone – it could be the one on the desk that somebody left behind.
Good spyware is designed to be undetectable and present no conflict with the phoneโs other operations. There are anti-spyware applications but it would be risky to wholly rely on these. Protection requires that the phone is never left unattended and not used for internet access or apps from untrusted sources. Users should not click on links or attachments in emails or web pages, the phone should be switched off when not in use and the battery removed frequently. If in doubt, replace the handset. Finally, leave Bluetooth switched off as it is an unprotected, tree-lined boulevard into the phone.
About the author
Gary Strickland-Clark is a director of Gold Lock Group, distributors of Gold Lock 3G encryption for mobile, landline, voice and data. Gold Lock 3G is produced under licence and certified by the Israeli Ministry of Defence.
