[[email protected]: [Scan-DC] Warning of increased GSM + TETRA attacks]

GoMo News

February 13, 2012 Monday 12:43 PM EST

Warning of increased GSM + TETRA attacks

LENGTH: 471 words

Rating: We’re back to Squidgygate and police radio scanners again

Here’s a bit of an ominous warning. Much worse than mere voicemail
hacking. Greg Jones, a director of wireless security specialist, Digital
Assurance, is warning of the dangers posed by the increasing
availability of low cost software defined radio (SDR) solutions. He
says, “It’s extremely likely that criminal gangs, hacktivists and others
will all show a growing interest in [SDR]. And we’re not just talking
about the hacking of individual mobile phones here but the possible
compromise of critical infrastructure.” In a nutshell, what Mr Jones is
suggesting is that thanks to SDR it’s no longer possible to assume that
calls made over commercial and specialist wireless networks are
inherently secure. We’re back to the bad old days when ham radio
enthusiasts could list into analogue cellular calls. Who remembers the
infamous Squidgygate tapes, for example?There’s nothing inherently evil
about SDR technology. In effect, its arrival has helped to make devices
like cellular phones c
heaper by dispensing with the need for multiple, dedicated wireless
chipsets.

So what’s going on? Jones says, “Those attempting to compromise wireless
communications systems in the past have used expensive equipment coupled
with advanced signal analysis skills.”

This is a reference to the fact that breaking standard GSM signals
previously required a supercomputer. Not any more, apparently.

“SDR devices typically use a standard PC to capture and manipulate radio
spectrum potentially allowing an attacker to capture and demodulate
advanced radio systems which were previously inaccessible to the hacking
community,” Jones explains.

He doesn’t actually mention it but if that ‘standard PC’ includes a
laptop we could be in deep trouble. Think innocuous white van sitting
outside your home/office.

Which advanced systems is he talking about? Well, the list includes
mobile networks such as GSM, Wi-fi, WiMAX, DECT and even TETRA.

So that’s not just your mobile phone, your laptop and your cordless
phone - we’re also looking at hacking emergency services.

Think police radio scanners used by crooks to know if they’ve been
detected yet.

Just to make the point Jones even names the tools a budding SDR hacker
needs. The USRP (Universal Software Radio Peripheral) coupled with open
source software like GNU Radio. Oops.

What particularly worries GoMo News is the potential to ‘spoof’ a GSM
base station and intercept the calls you think you are making to your
bank.

Jones is a master of understatement. “If one were to consider the
implications of a co-ordinated attack against a critical communications
system over say London - even if the attack were restricted simply to
signal jamming - the potential is there to cause massive disruption,”
Greg Jones stated.

Olympics 2012, anyone?


Scan-DC mailing list
Home: http://mailman.qth.net/mailman/listinfo/scan-dc
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:[email protected]

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html

----- End forwarded message -----


Dave Emery N1PRE/AE, [email protected] DIE Consulting, Weston,
Mass 02493
"An empty zombie mind with a forlorn barely readable weatherbeaten
‘For Rent’ sign still vainly flapping outside on the weed encrusted pole

  • in
    celebration of what could have been, but wasn’t and is not to be now
    either."

They are gonna think they can fire up GNURadio and start decrypting
likes
it a program. Followed by a influx of “GNURadio is crap” comments…

You know, I wasn’t going to respond to this, but what the heck:

July, 1930 - Anytown USA

“Criminals Use Electronics to Foil Police”

The increasing use of electronic communications by police and other law
enforcement bodies has lead criminals to engage in methods to
interrupt and eavesdrop (listen to) those communications using
off-the-shelf or home-built devices.

Emerging retail outlets such as “Radio Shack” (Boston, Ma) and “Allied
Radio” (Chicago, Il) have facilitated such criminal activity by
providing not only complete radio receiver sets, but components such
as vacuum tubes, condensers, resistors, and such that dedicated
criminals can use to build their own specialized devices.

Even a simple “crystal set” can be modified by interested criminals to
listen to police-radio frequencies.

This is a worrying trend, and regulators are busy considering ways to
put a stop to it.


Marcus L.
Principal Investigator
Shirleys Bay Radio Astronomy Consortium
http://www.sbrac.org

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs