This week Insider Surveillance takes you on a tour – past, present and future – of the best mobile hacking. Coming up in a series of three analyses: the NSA/GCHQ end point, encryption bypass attack on Gemalto SIM Cards; recent revelations that vulnerability of phones using SS7 and SIGTRAN persists as the industry migrates to Diameter protocol; plus the ways hackers plan to attack Internet of Things (I0T) as 5G takes root – a development that has the one world’s leading mobile operators up late at night worrying.
The low-down on the best mobile hacking episodes, techniques and future concerns to be covered here:
SIM Cards. We begin with a close look at how the NSA and Britain’s GCHQ thwarted end-to-end encryption made by Netherlands-based cyber security leader Gemalto, the world’s largest maker of SIM cards for mobile devices. The technique: leveraging vulnerble end points. This sophisticated attack, which left Gemalto helpless and confused, revealed how government intelligence agencies can easily thwart even the most sophisticated encryption simply by attacking the end points. When the breach was revealed in February 2015, Gemalto lost US $500 million in market valuation the very next day. Gemalto attempted to dismiss the attack by pointing out that it had occurred in 2010-2011 and was thus ancient history. But not so fast, Dutchmen. The identical technique is still popular with another agency.
SS7 and Diameter. Last week a confidential report by CSRIC (Communications Security, Reliability Interoperability Council) “Working Group 10” to the U.S. Federal Communications Commission “revealed” that Signaling System 7 (SS7), its IP-based version SIGTRAN, and Diameter – all common protocols used in call set-up, routing and exchange functions in networks worldwide – contain damaging vulnerabilities that render not just wireless but even wireline communications users wide open to hacking by criminals and government agencies. SS7, SIGTRAN and Diameter were created in a “trust environment” of mobile operators working peer-to-peer, basically without consideration of security risks. The amusing aspect of the CSRIC report and the reason we place “revealed” in parenthesis: the ability to penetrate SS7 and conduct mobile hacking was first demonstrated by German hackers – in 2008 and quickly forgotten. Pretty astounding for might turn out to be the biggest and most prevalent network security weakness in history.
IoT, 5G, Heebie-Geebies!
While most wireless leaders on duty at the recent Mobile World Congress used the event to hail the advent of (and their role in profiting from) the coming world of 5G mobile, one took time to discuss his fears about security risks posed by mobile hacking when 5G and the Internet of Things meet. Giovanni Ferigo, CTO of Telecom Italia, told the assembled crowd that while TI is in the vanguard of pushing 5G in Europe, his “personal nightmare” is the vast security threat posed by hackers targeting the IoT. 5G, he noted, is not for human users so much as for robotics and connected devices that could be penetrated to reveal both transactions and personal data of users. Not just toys and refrigerators, but automobiles connected to the IoT, will need rock hard safeguards to prevent such intrusion. At present, operators and device makers are more focused on waving the 5G hype banner than fixating on tough security.
An interesting week ahead. Stay tuned – and to the extent possible – off your mobile device and Samsung TV until we finish this series.