In 2005, the cell phone of the prime minister of Greece and those of 100 other people were secretly tapped by what in my opinion is the most extraordinary attack on a cell phone network that has been uncovered to date. The July 2007 issue of the IEEE Spectrum magazine has a very good summary of what happened, how the spy program was detected and the consequences. The article is also available online.
Here’s the elevator pitch:
- Unidentified hackers design a secret patch for Ericsson Mobile Switching Centers and mange to insert the code into switches in the Vodafone Greece network.
- The code checks all calls and taps conversations made over 100 selected phones. These conversations are in effect duplicated and forwarded to other mobile phones.
- The hackers make a mistake when they update their spy program and logs are generated by the switch. This tips of Vodafone and Ericcson which then start an investigation.
- And for the rest… read the article.
It’s one thing to program a virus or trojan horse for a Windows, MAC or Linux box. Secretly inserting code into a GSM Mobile Switching Center which does not run an off the shelf operating system, however, is quite another. It definitely shows why Cryptophones that encrypt a call from mobile to mobile are worth their money. I wonder, how many of those 100 people used one…