Mobile network cracked by hackers

Simple technology can be used to eavesdrop on the network used for most mobile phone calls and texts, security researchers have shown

The software used to make most phone calls has now been comprehensively hacked Photo: GETTY

By Matt Warman, Consumer Technology Editor 8:00AM GMT 01 Jan 2011

6 Comments

Security researchers have shown that the network used to make 80 per cent of the world’s phone calls is vulnerable to hacking, building on work demonstrated in previous years.

Karsten Nohl and Sylvain Munaut demonstrated their “toolkit” at the Chaos Computer Club Congress (CCC) in Berlin. They showed off an "end-to-end" hack, from identifying a phone to stealing its data, which completes work they showed last year indicating that it was easy to crack the GSM network’s security codes.

Simon Bransfield-Garth, chief executive of mobile phone security firm Cellcrypt, said that "Businesses must plan now for the eventuality that their mobile voice calls will come under increasing attack. A ‘policy of hope’ towards mobile phone security is not adequate." He said that voice services should be treated with the same caution as emails.

Most mobile phone calls worldwide are made using the GSM standard. GSM calls are protected by a 22-year-old encryption algorithm, known as A5/1. The algorithm, which was first cracked in 1999, is designed to prevent mobile phone calls from being intercepted by eavesdroppers. It works by forcing mobile phones and base stations to continually change frequencies. A typical phone conversation changes frequencies around 60 times.

The GSM Association has had a stronger algorithm, called A5/3, available since 2007 but few mobile network providers have made the upgrade.

Mobile network cracked by hackers

Simple technology can be used to eavesdrop on the network used for most mobile phone calls and texts, security researchers have shown

The software used to make most phone calls has now been comprehensively hacked Photo: GETTY

By Matt Warman, Consumer Technology Editor 8:00AM GMT 01 Jan 2011

6 Comments

Security researchers have shown that the network used to make 80 per cent of the world’s phone calls is vulnerable to hacking, building on work demonstrated in previous years.

Karsten Nohl and Sylvain Munaut demonstrated their “toolkit” at the Chaos Computer Club Congress (CCC) in Berlin. They showed off an "end-to-end" hack, from identifying a phone to stealing its data, which completes work they showed last year indicating that it was easy to crack the GSM network’s security codes.

Simon Bransfield-Garth, chief executive of mobile phone security firm Cellcrypt, said that "Businesses must plan now for the eventuality that their mobile voice calls will come under increasing attack. A ‘policy of hope’ towards mobile phone security is not adequate." He said that voice services should be treated with the same caution as emails.

Most mobile phone calls worldwide are made using the GSM standard. GSM calls are protected by a 22-year-old encryption algorithm, known as A5/1. The algorithm, which was first cracked in 1999, is designed to prevent mobile phone calls from being intercepted by eavesdroppers. It works by forcing mobile phones and base stations to continually change frequencies. A typical phone conversation changes frequencies around 60 times.

The GSM Association has had a stronger algorithm, called A5/3, available since 2007 but few mobile network providers have made the upgrade.

Cybercrime: one in 10 computers vulnerable to attack

A new report reveals that cybercriminals are attacking millions of computers every month – and infecting approximately 10 per cent

Computer hackers have been able to infect one in 10 of the PCs they've attacked, a new survey found Photo: CLARE KENDALL

By Matt Warman, Consumer Technology Editor 11:42AM BST 22 Jul 2010

6 Comments

Cybercriminals are increasingly focussing on money, a new report suggests, and improved organisation means that “toolkits” have been developed to methodically infect PCs so that illegally obtained information can be bought and sold.

In a survey by security firm AVG, 165 internet domains were found to have attacked 12 million visitors over the course of two months. More than 1.2 million computers were subsequently infected.

The research looked at criminals using the so called “Eleonore toolkit”, which aims to use malware contained on specially created websites to steal information such as credit card details, emails and national insurance numbers.

The software targets known vulnerabilites, primarily in older versions of Microsoft’s web browser. Internet Explorer 6 alone accounted for one-third of all infections. Apple Browser Safari proved the most resistant to Eleonore attacks, allowing just 2.78 per cent of machines using it to be infected. Adobe Acrobat and Sun Javascript also accounted for a significant number of infections.

Criminal servers were typically hosted in the Ukraine, where more than a quarter were found, the Russian Federation and Kazakhstan. Hackers appeared to target the Russian Federation, too: 8,906,025 attacks were recorded, and 916,430 (10.3%) were successful. The United States and Britain attracted approximately half a million attacks each, which met with a similar level of success.

Cybercrime: one in 10 computers vulnerable to attack

A new report reveals that cybercriminals are attacking millions of computers every month – and infecting approximately 10 per cent

Computer hackers have been able to infect one in 10 of the PCs they've attacked, a new survey found Photo: CLARE KENDALL

By Matt Warman, Consumer Technology Editor 11:42AM BST 22 Jul 2010

6 Comments

Cybercriminals are increasingly focussing on money, a new report suggests, and improved organisation means that “toolkits” have been developed to methodically infect PCs so that illegally obtained information can be bought and sold.

In a survey by security firm AVG, 165 internet domains were found to have attacked 12 million visitors over the course of two months. More than 1.2 million computers were subsequently infected.

The research looked at criminals using the so called “Eleonore toolkit”, which aims to use malware contained on specially created websites to steal information such as credit card details, emails and national insurance numbers.

The software targets known vulnerabilites, primarily in older versions of Microsoft’s web browser. Internet Explorer 6 alone accounted for one-third of all infections. Apple Browser Safari proved the most resistant to Eleonore attacks, allowing just 2.78 per cent of machines using it to be infected. Adobe Acrobat and Sun Javascript also accounted for a significant number of infections.

Criminal servers were typically hosted in the Ukraine, where more than a quarter were found, the Russian Federation and Kazakhstan. Hackers appeared to target the Russian Federation, too: 8,906,025 attacks were recorded, and 916,430 (10.3%) were successful. The United States and Britain attracted approximately half a million attacks each, which met with a similar level of success.

Cyberwar Is Hell

While we obsessed over Russian spies, top diplomats were working to stop a greater espionage problem: the threat of cyberwarfare.

(Page 1 of 2)

Simon D. Warren / Corbis

We’ve been focused on the wrong spies. When 11 Russian sleeper agents were discovered living in the United States—and then sent home in exchange for their counterparts—it was hard to resist the sexy espionage tale with echoes of the Cold War. But while we’ve fixated on Anna Chapman and her cohorts, top diplomats were working on a wonkier but more important advance in spycraft. This month, experts from 15 countries agreed to begin serious negotiations on establishing international norms on cybersecurity. This story is far more significant in the long run because, without basic agreements about cyberspace, cyberattacks, and even cyberwars could become a daily danger.

Sure, spy stories are irresistible—particularly when a sexy redhead like Chapman is involved and there are plenty of racy photos to titillate readers. It’s also true that the press may have been too quick to write off the Russian sleeper agents as a bunch of bunglers who accomplished nothing. We don’t know what support roles they may have had for more serious operations; human intelligence can still trump electronic spying in many situations, and spying will always be with us.

But, increasingly, international relations will be shaped by new challenges that require new tactics—and new assumptions about where we can and should cooperate, even with former enemies. Look at the United Nations group of experts that overcame at least some of their mutual suspicions to take a first step toward international cooperation on cybersecurity last week. After years of talks that went nowhere, they—United States, Russia, China, India, and several others—agreed to begin discussing ways to exchange information about national cyberstrategies, strengthen protection of computer systems around the world, including in less-developed countries, and even set some ground rules on cyberwarfare. Other nations in attendance may not be G7 economies, but online they are powerhouses: Israel, Brazil, South Korea, and Estonia.

The History of Computer Hacking

The idea that Russian and Estonian experts, in particular, could join forces to issue cybersecurity recommendations would have sounded absurd until recently. Just three years ago, Estonia was the target of a massive cyberattack, which now is held up as Exhibit A when it comes to cyberwarfare. The Estonians, and much of the rest of the world, were convinced that this was an attack orchestrated by the Kremlin in retaliation for Tallinn’s decision to remove a World War II memorial honoring Red Army troops. Moscow and local Russians were furious about this “desecration,” and there were violent clashes in the streets. Although the Russian authorities denied any involvement, the concerted cyberattacks on Estonia’s government and private-sector Web sites, designed to cripple the country’s digital infrastructure, certainly looked like angry and organized retaliation.

What’s changed? Those hard feelings haven’t disappeared, but there’s a growing realization that no country can protect itself from cyberattacks on its own. One key problem is attribution—the inability to definitely pinpoint the source of an assault. Terrorists, criminals, and political groups can now launch sophisticated salvos using “botnets”—armies of computers around the world that they have commandeered without the knowledge of the people who own those machines. That makes it hard to prove—and easy to deny—any state’s role in a specific cyberattack. And it makes everyone and everything, including critical infrastructure such as transportation and electricity grids, vulnerable.

Cyberwar Is Hell

While we obsessed over Russian spies, top diplomats were working to stop a greater espionage problem: the threat of cyberwarfare.

(Page 1 of 2)

Simon D. Warren / Corbis

We’ve been focused on the wrong spies. When 11 Russian sleeper agents were discovered living in the United States—and then sent home in exchange for their counterparts—it was hard to resist the sexy espionage tale with echoes of the Cold War. But while we’ve fixated on Anna Chapman and her cohorts, top diplomats were working on a wonkier but more important advance in spycraft. This month, experts from 15 countries agreed to begin serious negotiations on establishing international norms on cybersecurity. This story is far more significant in the long run because, without basic agreements about cyberspace, cyberattacks, and even cyberwars could become a daily danger.

Sure, spy stories are irresistible—particularly when a sexy redhead like Chapman is involved and there are plenty of racy photos to titillate readers. It’s also true that the press may have been too quick to write off the Russian sleeper agents as a bunch of bunglers who accomplished nothing. We don’t know what support roles they may have had for more serious operations; human intelligence can still trump electronic spying in many situations, and spying will always be with us.

But, increasingly, international relations will be shaped by new challenges that require new tactics—and new assumptions about where we can and should cooperate, even with former enemies. Look at the United Nations group of experts that overcame at least some of their mutual suspicions to take a first step toward international cooperation on cybersecurity last week. After years of talks that went nowhere, they—United States, Russia, China, India, and several others—agreed to begin discussing ways to exchange information about national cyberstrategies, strengthen protection of computer systems around the world, including in less-developed countries, and even set some ground rules on cyberwarfare. Other nations in attendance may not be G7 economies, but online they are powerhouses: Israel, Brazil, South Korea, and Estonia.

The History of Computer Hacking

The idea that Russian and Estonian experts, in particular, could join forces to issue cybersecurity recommendations would have sounded absurd until recently. Just three years ago, Estonia was the target of a massive cyberattack, which now is held up as Exhibit A when it comes to cyberwarfare. The Estonians, and much of the rest of the world, were convinced that this was an attack orchestrated by the Kremlin in retaliation for Tallinn’s decision to remove a World War II memorial honoring Red Army troops. Moscow and local Russians were furious about this “desecration,” and there were violent clashes in the streets. Although the Russian authorities denied any involvement, the concerted cyberattacks on Estonia’s government and private-sector Web sites, designed to cripple the country’s digital infrastructure, certainly looked like angry and organized retaliation.

What’s changed? Those hard feelings haven’t disappeared, but there’s a growing realization that no country can protect itself from cyberattacks on its own. One key problem is attribution—the inability to definitely pinpoint the source of an assault. Terrorists, criminals, and political groups can now launch sophisticated salvos using “botnets”—armies of computers around the world that they have commandeered without the knowledge of the people who own those machines. That makes it hard to prove—and easy to deny—any state’s role in a specific cyberattack. And it makes everyone and everything, including critical infrastructure such as transportation and electricity grids, vulnerable.

Facebook Grants Developers Access To Home Addresses … Trouble Waiting To Happen?

Facebook has put in a lot of effort to getting users to enter their mobile numbers. But now the social network is giving developers access to numbers in addition to home addresses with a single click. Is this just trouble waiting to happen?

The timing of the post couldn’t have been more questionable — just as most people were leaving work on the west coast and Facebook employees were beginning their weekly happy hour at Cafe 6. Granted, the company’s job is to make this post appear as though it’s just another day at the social network, in an effort to play down the significance of this new functionality. Over the weekend a number of publications began discussing the issue, the most sensational of which comes from Sophos, which writes “Rogue Facebook apps can now access your home address and mobile phone number.”

It’s true. Facebook’s new permissions gives those developers with bad intentions access to a greater amount of personal information. The flip side is that this isn’t exactly credit card information. However, as developers gain access to more information, the question arises: Is the company doing enough to protect our personal data? The answer is most definitely not clear cut.

The Consumer Perspective

All Facebook’s Editor, Jackie Cohen, provided us with the consumer’s perspective earlier this morning, pointing out that “most people will click ‘allow’ without noticing the permission window now includes the words ‘current address and mobile phone number.’ …Unfortunately, the developers plying the user graph objects include rogue applications, such as spamware, malware and deceptive schemes that security staff seems to have a hard time keeping up with. This category of n’er-do-wells can now gain access to people’s mobile phone numbers and street addresses. So we really hope the social network devises a way to bar the rogues from using this set of code, and if that’s not possible, then perhaps get rid of the entire thing before any damage could be done.”

It’s a legitimate perspective, which is why we’ve already seen a lot of people, including Sophos, criticize Facebook for the move. As one commenter told us, “I’m deleting all my personal info now. ugh!!!!!” This is probably the most rational response, in addition to being the best way to protect your personal information.

Facebook As An Identity Authenticator

On the flip side, Facebook is trying to legitimately provide users with a valuable tool to make surfing the web a whole lot easier. By serving as a centralized identity provider, the social network makes registering for new sites as easy as a couple of clicks. It’s a problem that has existed on the web for a long time now: You visit a new website and have to fill out a long form that typically includes the same information: email, first name, last name, password, and potentially additional data such as your age, gender, phone number and so on.

Rather than having to fill out the information over and over with each new application that you install, the social network enables users to accomplish the exact same thing in a matter of clicks. It’s a clear value add, and it’s exactly why the company says, ”every month, more than 250 million people engage with Facebook on external websites.”

Facebook’s Questionable Communication

While the value proposition is clear, Facebook has used a questionable communication strategy. As previously mentioned, why would the company choose to post such a significant article at a time when most users are done with the week and now moving on to weekend activities? We can only see this as a deliberate effort to push the issue under the radar. This is exactly the type of communication that we don’t want from one of the most powerful identity providers in the world. Instead we want transparency from a company that expects its own users to be completely transparent.

Why not write an occasional blog post addressing the issues surrounding privacy and identity that are ever present in the media? With Facebook recently coming under attack over the sharing of user data on their platform by developers, it seems odd that the company would just push forward as though nothing happened. While such a policy is only expected based on past behavior, increasing transparency is something that would possibly bring comfort to users.

We can only sit and wait for the next Rapleaf to emerge, next time with much more personal user information, thanks to the increasing amount of data granted to developers. What’s most obvious is that we now live in a world of decreasing privacy, and Facebook is taking the lead in pushing us forward into this new age. As the leader though, it would be great to see Facebook take a much more proactive approach in communicating the company’s position. Then again, they’ve gotten this far with a less-than-transparent communications strategy, why stop now?

Do you agree or disagree with Facebook’s decision to grant developers access to additional user data? What additional information would you like to hear from Facebook that they aren’t providing now?