On Saturday, Chris Paget, an American computer security
researcher, revealed how he could tap mobile calls using $1,500 worth of
radio equipment and an antenna.
He showed, while presenting at the DefCon hackers conference in Las
Vegas, how his device broadcasts a GSM signal, allowing it to pose as a
cell phone tower.
The device only works on mobile phones using the second-generation of
the GSM standard, which is used by the overwhelming majority of mobile
phone users around the globe.
However, the ability to listen in on calls does not apply to the more secure third-generation, or 3G, networks.
Paget called on telecom providers to switch to 3G networks, saying
GSM is broken, but the GSM Association, an industry consortium, remains
unconcerned.
"Although it is generally acknowledged that a ‘man in the middle
attack’ using a false base station is possible, there are a number of
hurdles to be overcome to launch a successful attack," it said in a
statement.
Bildunterschrift: Großansicht des Bildes mit der Bildunterschrift: There are over four billion GSM users worldwideHow a fake cell phone tower works
Cell phones are tricked into routing their outbound calls through the
fake cell phone tower, enabling the hacker who controls it to listen
in. Paget's gear can target specific numbers and may even give hackers
access to credit card or account information siphoned from calls made to
shops and banks.
It's the price tag that has industry insiders worried. The system
only costs $1,500, or about 1,100 euros, to create, meaning mobile phone
hacks are now more broadly available than ever before.
"These attacks used to cost millions of dollars, now you can do it
for a lot less,” Paget told the Agence France Presse news agency at the
conference on Saturday.
But the GSM Association says having the equipment doesn’t immediately
provide access to private calls. They say hackers need to be within a
certain range of their victims, and they have to bypass mechanisms
designed to protect the identity of mobile users.
Bildunterschrift: Großansicht des Bildes mit der Bildunterschrift: Even a switch to 3G may not make phones any saferHeavy investment in older technologies
Other industry watchers say the truth is mobile phone operators and
manufacturers aren't prepared to make the switch to better security.
"Telecom providers
have made a substantial investment and want to use the old technology"
said Christos Xenakis, a mobile security lecturer at the University of
Piraeus in Greece. He believes the industry never anticipated that
hackers would be able to spoof a GSM signal for such little money.
"The problem is that
when the technology was designed 25 years ago, no one imagined it would
become so cheap,” he said in an interview with Deutsche Welle.
But Xenakis says security upgrades are becoming more available.
"Technology solves
this problem," he said. "With new generation UMTS networks, third
generation networks, new mobile networks... there are answers coming."
Xenakis added that the industry will eventually be forced to advance
beyond 3G capabilities, as Paget showed on Saturday how even 3G remains
vulnerable.
During his demonstration, Paget said he could also capture phones
using 3G by sending out jamming noise to block this technology. The
phones then would automatically revert to a 2G connection and connect
through his rogue base.
Author: Saroja Coelho
Editor: Cyrus Farivar
http://www.dw-world.de/dw/article/0,,5859169,00.html
