UN Issues Warning as Smartphone SIM Cards Can Now Be Hacked, About 750 Million Global Users At Risk
By Esther Tanquintic-Misa | July 22, 2013 4:11 PM EST
The United Nations has issued a warning to all 750 million smartphone users around the world to be wary of the removable SIM card on their smartphones. A German research firm has discovered a flaw in the old encryption technology used to make the device operational, enough to make it susceptible to the illegal activities of hackers.
Karsten Nohl, a German researcher and founder of Berlin's Security Research Labs, has found a way to maneuver into a SIM's 56-bit data encryption standard (DES) digital key, which later on enabled him to covertly send and install a virus through a secret text message.
What's further creepy is that the fake carrier message prompts an automated response from 25 per cent of DES-based SIMs, thus revealing a card's 56-bit security key.
Mr Nohl said it only took him two minutes to perform and complete the hack. The consequences of the irregularity, when placed in the wrong hands, could be massive.
"These findings show us where we could be heading in terms of cybersecurity risks," Hamadoun Touré, secretary general of UN's Geneva-based International Telecommunications Union, said.
The GSMA, which represents nearly 800 mobile operators worldwide, said it had also reviewed the research.
"We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted," Claire Cranton, GSMA spokeswoman, said.
Once a SIM card is penetrated, only the attacker knows how much fun can be done with the victimized device and its owner. Apart from snooting on texts, the attacker can even listen in on calls, use the card for fraud and tamper with it to send messages to premium message services.
"We can remotely install software on a handset that operates completely independently from your phone," the New York Times quoted the German researcher as saying.
"We can spy on you. We know your encryption keys for calls. We can read your SMS's. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account."
Although more carriers have migrated to the stronger, triple-DES encryption methods, Mr Nohl said there are over three billion users who still use the DES-based SIM cards.
Using just a regular PC, Mr Nohl sent out fake messages pretending to be from the mobile carrier containing a false signature. Almost most of the smartphones with DES were able to correctly flag the fake signature and terminated the communication, still a number sent a message back, including its encrypted digital signature.
To report problems or to leave feedback about this article, e-mail:
To contact the editor, e-mail:
Most Popular Slideshows
- From Fat To Fit: Celebrities Who Were Overweight Before They Became The Beauties That They Are
- Kendall Jenner Could Be Next Victoria's Secret Angel [PHOTOS]
- Champions League Results: Barcelona Barely Escapes With A Win, Chelsea Fails To Hold On To The Lead [PHOTOS]
- Taylor Swift Named People's Best Dressed Stars Of 2014 [PHOTOS]
Join the Conversation
- Ebola Update: Death Toll Reaches 2,461; US$1B Is Needed To Fight It, Says UN
- BC Teachers’ Strike Reaches Tentative Deal With Government, Date of Class Resumptions Still Not Sure
- Australia To Lose Hundreds Of Billions Worth Of Infrastructure Due To Rising Sea Levels
- UK Starts Ebola Vaccine Trials on Humans
- Health Virus Alert: Canadians Urged to Watch Out Against Rare Enterovirus D68; 3 Cases Confirmed in B.C., 18 in Alberta
- iOS 8 Release Date Of Sept 17 Has Arrived: Update Begins At 10AM Pacific Time, Upgrade Your iDevices With iOS 7.1.2 First To Install iOS 8
- Google Nexus 6 Release Date on Q4 2014 Confirmed by T-Mobile Featuring Wi-Fi Calling
- Why Samsung Galaxy S5 Is Not The Best Smartphone To Purchase Now? If You Still Want To, Wait For A Month To Get It Cheap
- Apple iPad Air 2, iPad Mini 3 October Release Date Roundup: Freshly Leaked Protective Case Debuts Unique Vent Alongside Camera
- Canadian IS Jihadist Wants to ‘Play Soccer’ with Heads of US Decapitated Soldiers
- Australia Actively Rallying Support For International Coalition Against ISIS
- Warning to U.S. – ISIS Has Shot Down a Syrian Regime Fighter Jet