There is always someone to watch out for in commercial life, writes Peter Clements, Managing Director of Templepan Security Systems
“There is no more efficient bugging device than a mobile phone. It can be remotely switched on and listened to by any other mobile phone”
Introduction
Every few months a bugging scandal appears in the press and is naturally taken very seriously. Panic sets in amongst the targeted organisation and ECM sweeps are conducted to ensure the rest of the premises are clear. It all seems like very poor security to me. If sensitive meetings are to take place then, like any other form of security, appropriate measures should be taken before the event to ensure the area has not been compromised.
“Shutting the stable door after the horse has bolted” is so often how security systems are installed. It is human nature to do this but it is not the best security.
Bugs have been around to listen to conversations for many years and before then, listening to other people’s conversations has always been an unfair way of obtaining information. If we exclude the law enforcement officers, then eavesdropping by any organisation is normally about gaining a pecuniary advantage.
Electronic sweeping and checking rooms during meetings is essential if one is to be confident that items brought into the meeting are not themselves, knowingly or otherwise, being used as a covert listening device. It is the mobile phone which I refer to as this is such a powerful tool. If suitably modified by down loading free software, the phone can then be controlled by the hacker.
Let me explain.
All mobile telephones are software controlled. Programmes can easily be sent from one phone to the other without the user of the target phone necessarily being aware.
Software programmes, most available free are accessible through the internet which , once down loaded onto a target phone, will enable that phone to be controlled by the hacker.
The modus operandi is simple. The programme from the internet is downloaded on to the hacker’s phone, either via a Bluetooth signal from the computer or via a lead between the computer and the phone. The hacking programme is saved on the mobile phone and stored in a suitable folder probably called Games or Applications. This download does not alter the operation of the main telephone. However, if you wish to send this software to another person’s phone (with or without their permission) you can. The master phone which operates normally but which now has the hacking software installed, will, as is normal, display the identity of all the Bluetooth enabled phones in the area. The scope of this area can vary according to local conditions, from 30 to 100 metres. The master phone selects from the details now displayed on it, one or more of the phones it can communicate with, and then sends to it, via Bluetooth, the hacking software. As soon as the target phone receives this software a message is displayed on that phone advising that software has been received and asks “do you wish to accept it” Most people assume this is a free software upgrade from their phone provider and accept it. Alternatively, If the target phone is briefly in the hacker’s possession, the hacker can accept the download. Once the software is in the target phone, that phone is now under the complete control of the hacker who will be able to invisibly manipulate the target phone and perform the functions listed later.
Mobile phones are the most efficient type of listening
device available. Conversations are digitised and
encrypted, making the signals exceedingly difficult to intercept.
The software we have obtained for these tests, was written by an unknown author in Eastern Europe and was supplied free of charge on the internet. I suggest it was provided just to make the point about how easily mobile phones can be compromised. It begs the question though that if greater time and effort went into the software design then greater control of the target phone could be achieved. Already many hundreds of internet sites are advertising this type of software some of which are free. One company’s version claims to give the hacker control over the phone even when it is switched off. This is carried out by altering the way the phone switches off: i.e. The software would ensure that the phone is not actually off when the phone indicates that it is. Another facility available for the professional hacker, is the location of the target phone within a 50 feet although this facility being calculated from the distance between the base station, and the mobile itself is already available to users of modern phones.
Summary
Governments are already listening in to our mobile phone communications, this we can only accept and nothing can be done in the short term to prevent it. We assume that in the West the authorities, largely ignore commercial telephone traffic (maybe!) but now anyone, not just the authorities, who has access to the net and a mobile phone is capable of hacking into your mobile. Add to that the financial gains of providing this software, rogue businesses will continue to develop and supply this software and gain from illegally selling the information they provide.
There are legal implications which may apply to the hacker. I suggest that the use of the software, as opposed to its manufacture, is certainly an infringement of the Interception of Communications Act 1986 and perhaps contravenes other laws relating to telephone interception and data protection.
Although these acts have been updated since 1986, technology has moved on so much that many loopholes in the law may have opened up. Legislation is unlikely to deter hackers as evidence of their activities would be almost impossible to obtain.
All phones are slightly different in the way they control Bluetooth, but it is this communication path which is the key to accessing the target phone. The hacker does not need either phone to be in range of a network mast or to be logged- on to a network. Bluetooth operates totally independently of the network being a straightforward radio link between mobile phone and other IT or mobile devices.
The latest development in the mobile phone hacking software scene is the Pseudo Cell. This “black box” imitates the base station that the target phone would normally connect to (i.e. the nearest and that which has therefore the strongest signal). Using the portable Pseudo Cell, mobile phone calls which are made in the near vicinity are routed through it and all the data sent by the mobile is collected, recorded and re-transmitted to the legitimate cell (base station). As an example where the Pseudo Cell could be used: many parking meters in London now require you to phone in on your mobile with details of your parking location, time required for parking, your credit card number, its expiry date and your card’s security code. The hacker’s Pseudo Cell now also has this information.
Listed below are the functions which have been demonstrated to us using standard mobile phones and free software. The software was downloaded from the net to prove that the above functions do work. This was carried out by sending software by Bluetooth to the target phone.
Free hacking software can alter your phone as follows:
1)Read your SMS text messages
2)Read your phone book
3)Change all or any of your phone settings
4)Listen in to your calls
5)Divert your calls to you as well from the target phone
6)Use your phone as a listening device.
