Recent revelations about the rise in voicemail and data hacking have elevated interest in how easy it may or may not be to gain access to individual and enterprise mailboxes of all shapes and sizes, particularly those associated with mobile devices. The recently concluded DEFCON 19 in Las Vegas and the Chaos Communication Camp in Germany, showed how relatively easy it is. Buyers and IT managers beware.

Danger lurks

At DEFCON 19, Extremetech reported:

 “A full man-in-the-middle (MITM) attack was successfully launched against all 4G and CDMA transmissions in and around the venue, the Rio Hotel in Las Vegas. This MITM attack enabled hackers to gain permanent kernel-level root access in some Android (News - Alert) and PC devices using a rootkit, and non-persistent user space access in others. In both cases, whoever launched this attack on CDMA and 4G devices was able to steal data and monitor conversations.”  

The post contains both details on how the hacking was accomplished as well as caveats as to the ability to validate the report by security specialist who goes by the name Coderman. This included questions about which flavor of 4G had been successfully compromised. However, if true (and there is reason to believe it is based on successful MITM attacks over Wi-Fi) this would be the first time 4G has been hacked, raising serious challenges to service providers.  

At the Chaos Communications Camp in Finowfurt, Germany, noted code breaker Karsten Nohl, from Berlin-based consultancy Security Research Labs, gave a talk about how he and co-researcher Luca Melette cracked the GPRS (General Packet Radio Service) code used on the world’s GSM networks for sending texts, emails and browsing the Internet. Nohl, in fact, not only demonstrated his expertise, but asserted that phone encryption from the get go was designed to be cracked so governments could, for security reasons, intercept messages and eavesdrop on supposed bad actors. This is not the first time Nohl has demonstrated how relatively simple it is to intercept mobile communications. Back in December of last year he presented a scheme for breaking A5-1, the encryption that scrambles GSM phone calls.

For his latest demo, Nohl said that he was able to use his interceptor phone (a 7-year old Motorola GSM model with some off the shelf software apps) to decrypt and read data transmissions from T-Mobile, O2 Germany, Vodafone (News - Alert) and E-Plus. He said the tests revealed that in Italy, TIM, leader, Telecom Italia’s mobile unit, and Wind did not encrypt mobile data at all, and Vodafone Italia had weak encryption. And, to the consternation of GSM providers, he also stated that he would be releasing the software need to reprogram Motorola (News - Alert) phones to become GPRS interceptors.

A New York Timesarticle on August 9 quoted Nohl as saying that the release of the information would give mobile operators “a few months” to clean up their act before hackers replicated his work and started attempts to break mobile broadband networks.  The article also noted that Canadian carrier Rogers Communications estimates that 90 percent of GSM data traffic employs GPRS.

Bethesda, MD-based Koolspan, in a press release citing both the Las Vegas and German results, highlighted the reasons individuals need to be alarmed about the hacking of voice and data on mobile networks. It touted its TrustChip® mobile encryption engine, which can plug into any SD slot on a variety of mobile devices as the best defense against having communications compromised.

The reality is, all of this attention goes to the heart of a host of security issues now being vetted in public. These issues center on the use of mobile devices as enablers of mob violence and the degree to which governments should be able to restrict network access to services in potential violent hot spots. In addition, the topic of whether governments should be able to intercept communications of those intent on creating chaos and promoting civil disobedience is also being debated.

If nothing else, the discussion that has been generated about the ability of not just governments but others with possible evil intentions to intercept voice and data communications is a much-needed education for consumers and IT managers. In fact, with mobile communications devices becoming the communications devices of choice in enterprises, the security of those devices, for a host of reasons — accessing corporate data by circumvention of security measure, along with interception of real and near-real time communications — is something that must be factored into their overall risk assessment analyzes and risk management plans.

Peter Bernstein is a technology industry veteran, having worked in multiple capacities with several of the industry's biggest brands, including Avaya (News - Alert), Alcatel-Lucent, Telcordia, HP, Siemens, Nortel, France Telecom, and others, and having served on the Advisory Boards of 15 technology startups. To read more of Peter's work, please visit his columnist page.