Hacking saga

by Mark Rowe

The mobile phone hacking saga simply gets worse, writes our regular contributor Jim Gannon.

It seems that not a day passes now without news of yet another internet fraud scam or a case of hacking hitting the media, revealing serious shortfalls in security protection across the world global network. The word insecurity comes to mind. While high powered industry spends vast amounts in the quest to protect their own organisations, Joe Public stands little or no chance of ensuring they are 100pc percent safe.

The mobile phone has now become one of the most sought after pieces of illegally sourced equipment by hackers and fraudsters across the world. The fact is that the average user has their whole life contained within it, especially if they are an avid social media user. Business users have become more reliant on mobile devices especially if their job involves moving between different locations.

A company called Evolved Intelligence put out some very interesting material in October 2016 making the point that your mobile number is all a hacker needs to intercept your calls and texts, block your signal and track your movements. This certainly made me sit up straight and take notice. Current mobile phones are generally poorly protected by their owners and we are now in a similar situation to the early days of the internet when PC users needed to wise up very quickly and protect their equipment from malicious attacks. Hackers in those days only really existed in the secret service and James Bond films.

Reality

According to warnings issued by Steve Buck product director of Evolved Intelligence the mobile phone is going from strength to strength and it’s crucial for our private and business lives but with greater reliance on such devices comes a greater risk especially when it comes to privacy and fraud. The fact is that best estimates reveal that in five years time there will be nine billion mobile subscriptions and that’s more than there are people on the planet. Strong facts from Evolved Intelligence which the industry needs to take note of.

While phone hacking in itself is not big news to us, the ongoing revelations will at some time affect us all. Mobile operators use a network called Signalling system 7 referred to as SS7 which is essentially the backbone of the world global mobile network. This is in essence according to the experts ancient technology which worldwide criminals are exploiting to access mobile devices in order to obtain information and commit fraud.

Nick Jones, chief technology at Evolved Intelligence, recently stated that nowadays it costs as little as £800 a month to access the SS7 network, a small price for hackers who use it to eaves drop on calls, track your movements, spam you, deny you service or use it to intercept passwords to access your bank account. The holes are there to be exploited and users need more protection. Just one more reason I, like many others refuse the so called advantages of mobile and internet banking. While intelligence and security agencies are working flat out to find answers to these system flaws the fraudsters are ramping up the ante to gather in the hay whilst the sun still shines on them. The mobile revolution however marches on unperturbed in the face of conflict.

Low end players

Whilst the big boys have their problems just think about the low end players probably like you and me that just own one or two phones (private and business) and apply moderate security on their appliances. If you are planning to sell your old phone on eBay or suchlike, after getting a new one as a Christmas present, you may want to think again. Apparently things like emails, social media data, photos, videos and personal information which users believed they had deleted can still be obtained from old phones using the right technology.

And much more

In a piece of research and investigation conducted by academics from the University of East London in data released in December 2016 it was revealed they were able to obtain an array of sensitive information from an iPhone 4 and an iPhone 5 simply purchased secondhand from a market place website although such information had apparently been deleted by the previous owners. By utilising advanced data mining software which is now available commercially and used by law enforcement agencies as well as financially resourced criminals, they were able to extract information such as passwords, scans of ID cards and passports all no doubt the previous owners thought had been wiped clean. It was also revealed that there are now in existence a number of open source tools which will do the same job, if you have the knowledge of where to obtain them and the finance to make the purchase and of course the techno skills to use the equipment.

Criminal dream

The data and statistics obtained which included 61passwords, basically is what criminals dream about. User names and passwords for iCloud accounts were just the tip of the iceberg. The warning that such data could be used for financial and credit card fraud or even blackmail of users tempted to share explicit images on social media. UEL pointed out that although data destruction and data wiping services are available mobile phone users rarely use them.

Red card

Deleted Personal data may be found on mobile phones sold second hand or donated to charity shops including other personal devices such as laptops, iPads and tablets. Go to any second hand shop, pawn broker, car boot sale or simply a charity sale and you will see them on sale often just for a few pounds. Criminals have realised this especially in third world countries where many of these devices eventually end up. A red card has been issued by those in the know so take heed or pay the price.

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing