GoMo News
February 13, 2012 Monday 12:43 PM EST
Warning of increased GSM + TETRA attacks
LENGTH: 471 words
Rating: We’re back to Squidgygate and police radio scanners again
Here’s a bit of an ominous warning. Much worse than mere voicemail
hacking. Greg Jones, a director of wireless security specialist, Digital
Assurance, is warning of the dangers posed by the increasing
availability of low cost software defined radio (SDR) solutions. He
says, “It’s extremely likely that criminal gangs, hacktivists and others
will all show a growing interest in [SDR]. And we’re not just talking
about the hacking of individual mobile phones here but the possible
compromise of critical infrastructure.” In a nutshell, what Mr Jones is
suggesting is that thanks to SDR it’s no longer possible to assume that
calls made over commercial and specialist wireless networks are
inherently secure. We’re back to the bad old days when ham radio
enthusiasts could list into analogue cellular calls. Who remembers the
infamous Squidgygate tapes, for example?There’s nothing inherently evil
about SDR technology. In effect, its arrival has helped to make devices
like cellular phones c
heaper by dispensing with the need for multiple, dedicated wireless
chipsets.
So what’s going on? Jones says, “Those attempting to compromise wireless
communications systems in the past have used expensive equipment coupled
with advanced signal analysis skills.”
This is a reference to the fact that breaking standard GSM signals
previously required a supercomputer. Not any more, apparently.
“SDR devices typically use a standard PC to capture and manipulate radio
spectrum potentially allowing an attacker to capture and demodulate
advanced radio systems which were previously inaccessible to the hacking
community,” Jones explains.
He doesn’t actually mention it but if that ‘standard PC’ includes a
laptop we could be in deep trouble. Think innocuous white van sitting
outside your home/office.
Which advanced systems is he talking about? Well, the list includes
mobile networks such as GSM, Wi-fi, WiMAX, DECT and even TETRA.
So that’s not just your mobile phone, your laptop and your cordless
phone - we’re also looking at hacking emergency services.
Think police radio scanners used by crooks to know if they’ve been
detected yet.
Just to make the point Jones even names the tools a budding SDR hacker
needs. The USRP (Universal Software Radio Peripheral) coupled with open
source software like GNU Radio. Oops.
What particularly worries GoMo News is the potential to ‘spoof’ a GSM
base station and intercept the calls you think you are making to your
bank.
Jones is a master of understatement. “If one were to consider the
implications of a co-ordinated attack against a critical communications
system over say London - even if the attack were restricted simply to
signal jamming - the potential is there to cause massive disruption,”
Greg Jones stated.
Olympics 2012, anyone?
Scan-DC mailing list
Home: Scan-DC Info Page
Help: QSL.net :: Mailman Mailing List FAQ
Post: mailto:[email protected]
This list hosted by: http://www.qsl.net
Please help support this email list: QSL.net - Donate Site
----- End forwarded message -----
–
Dave Emery N1PRE/AE, [email protected] DIE Consulting, Weston,
Mass 02493
"An empty zombie mind with a forlorn barely readable weatherbeaten
‘For Rent’ sign still vainly flapping outside on the weed encrusted pole
- in
celebration of what could have been, but wasn’t and is not to be now
either."