Hacker proves vulnerability of 2G GSM networks with homemade call interceptor
An ethical hacker demonstrated exactly what you can make with $1500 worth of equipment: a cell phone call interceptor. Using not much more than a laptop and two RF antennas, Chris Paget showed off his interception technology at DefCon 2010, convincingly proving just how unsecure 2G GSM networks are.
His equipment managed to fool cell phones in the audience that the setup was a real cell phone base station, and when they automatically routed their calls through it, he was able to intercept and record the conversations, which included encrypted calls. While this technology only works on outgoing calls at present, Chris Paget’s equipment can easily be duplicated, a worrying fact by itself, apart from the flaw in 2G GSM network acquisition protocols, which automatically redirect phones to connect to the base station with the strongest signal, regardless of its origin. In this manner, encrypted calls are not free from interception, because the base station can simply deactivate it once it acquires the signal. Though GSM specs insist that a cell phone should display a warning if it is forced to connect to a station that doesn’t have encryption, most SIM cards disable this feature to avoid innumerable alerts during operation. In essence, your call could be intercepted and recorded without your slightest knowledge.
This technology is nothing new in theory, and governments already use what are called IMSI catchers to pull off a similar feat, which can even capture data transfers. However, what is revolutionary is the low-cost and ease with which the setup can be made and procured, by anyone from the common man to the underfunded terrorist.
As you can imagine, the demonstration has already created a furore in the industry, with security experts as well as carriers suddenly worried about how to make 2G GSM networks safer. On the flip-side, maybe a version of this technology could be used by governments to monitor calls that they were previously unable to decrypt, specifically, the Indian government’s current need to decode BlackBerry calls.
Listed under tags :