[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss-gnuradio] address@hidden: [Scan-DC] Warning of increased GSM +
David I. Emery
[Discuss-gnuradio] address@hidden: [Scan-DC] Warning of increased GSM + TETRA attacks]
Wed, 15 Feb 2012 02:33:49 -0500
February 13, 2012 Monday 12:43 PM EST
Warning of increased GSM + TETRA attacks
LENGTH: 471 words
Rating: We're back to Squidgygate and police radio scanners again
Here's a bit of an ominous warning. Much worse than mere voicemail hacking.
Greg Jones, a director of wireless security specialist, Digital Assurance, is
warning of the dangers posed by the increasing availability of low cost
software defined radio (SDR) solutions. He says, "It's extremely likely that
criminal gangs, hacktivists and others will all show a growing interest in
[SDR]. And we're not just talking about the hacking of individual mobile phones
here but the possible compromise of critical infrastructure." In a nutshell,
what Mr Jones is suggesting is that thanks to SDR it's no longer possible to
assume that calls made over commercial and specialist wireless networks are
inherently secure. We're back to the bad old days when ham radio enthusiasts
could list into analogue cellular calls. Who remembers the infamous Squidgygate
tapes, for example?There's nothing inherently evil about SDR technology. In
effect, its arrival has helped to make devices like cellular phones c
heaper by dispensing with the need for multiple, dedicated wireless chipsets.
So what's going on? Jones says, "Those attempting to compromise wireless
communications systems in the past have used expensive equipment coupled with
advanced signal analysis skills."
This is a reference to the fact that breaking standard GSM signals previously
required a supercomputer. Not any more, apparently.
"SDR devices typically use a standard PC to capture and manipulate radio
spectrum potentially allowing an attacker to capture and demodulate advanced
radio systems which were previously inaccessible to the hacking community,"
He doesn't actually mention it but if that 'standard PC' includes a laptop we
could be in deep trouble. Think innocuous white van sitting outside your
Which advanced systems is he talking about? Well, the list includes mobile
networks such as GSM, Wi-fi, WiMAX, DECT and even TETRA.
So that's not just your mobile phone, your laptop and your cordless phone -
we're also looking at hacking emergency services.
Think police radio scanners used by crooks to know if they've been detected yet.
Just to make the point Jones even names the tools a budding SDR hacker needs.
The USRP (Universal Software Radio Peripheral) coupled with open source
software like GNU Radio. Oops.
What particularly worries GoMo News is the potential to 'spoof' a GSM base
station and intercept the calls you think you are making to your bank.
Jones is a master of understatement. "If one were to consider the implications
of a co-ordinated attack against a critical communications system over say
London - even if the attack were restricted simply to signal jamming - the
potential is there to cause massive disruption," Greg Jones stated.
Olympics 2012, anyone?
Scan-DC mailing list
This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html
----- End forwarded message -----
Dave Emery N1PRE/AE, address@hidden DIE Consulting, Weston, Mass 02493
"An empty zombie mind with a forlorn barely readable weatherbeaten
'For Rent' sign still vainly flapping outside on the weed encrusted pole - in
celebration of what could have been, but wasn't and is not to be now either."
- [Discuss-gnuradio] address@hidden: [Scan-DC] Warning of increased GSM + TETRA attacks],
David I. Emery <=