With six billion people worldwide now using mobile phones, it’s become clear
how globally reliant we are on cellular technology. Of course, no great new
technological wonder comes without its risks.
The dangers we face via our mobiles have reached epic
proportions. Up until now the mobile-related danger list consisted of cyber
bullying, raunchy leaked photos, brain tumors, unexpectedly high phone bills and
the Mail On Sunday hacking our voice mail. Now we have SIM card hacking to
worry about too.
Cryptography expert Karsten Nohl and his team of security
experts in Berlin, Germany have recently announced the findings of their
research into SIM card vulnerabilities. The discoveries have revealed that most
SIM cards worldwide are at risk of being hacked. In the worst case, this
would give an attacker unbridled access to our mobile phones.
Having tested one thousand SIM cards, Nohl discovered that a
quarter of them were susceptible to a specific hack which, within just a couple
of minutes, grants a hacker full access to the hacked mobile phone. He went
on to reveal that the majority of the other SIMs were somewhat vulnerable to
a different hack which allows the hacker access to any bank details held with
NFC payment apps such as Visa or PayPal.
The first instance, where a hacker gains full access to the
mobile phone, is called ‘rooting’. This method relies on the SIM card using
DES encryption, a type of security developed by IBM back in the 70s.
Discussing this hack in an interview with Forbes, Nohl stated: “as many as 750 million
phones may be vulnerable to attacks.”
One of these attacks can be executed in as little as two minutes. The attacker
simply sends a message containing false binary code to the unsuspecting victim’s
mobile. The receiving mobile doesn’t understand the code because it doesn’t
have the correct cryptographic signature, so it responds to the request with an
error code along with its encrypted private key. Once the attacker receives the
private key, they use Rainbow Tables to crack the key encryption and unveil
the unencrypted key. This key can then be used by the attacker to spoof the
victim’s mobile operator and provide the victim’s phone with “automatic
software updates”. Of course, the only software the hacker would be interested
in sending would be far from beneficial to your phone.
Worryingly, this entire process could be carried out without
ever alerting the victim. The message the hacker sends the target is the kind
of invisible message that mobiles regularly use as a means of communication
with their provider, unseen by the mobile owner.
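A defensive filter for the kind of invisible provider message described above, as an added example that is not from the original article or from Nohl's research. It assumes the standard SMS-DELIVER layout and the TP-PID/TP-DCS values for SIM data download from 3GPP TS 23.040 and 23.038; the allow-list, phone numbers and PDUs are constructed sample values.

```python
# Added example: classify received SMS-DELIVER PDUs (3GPP TS 23.040 layout).
# All PDUs and the allow-list below are constructed sample values.
SIM_DATA_DOWNLOAD_PID = 0x7F             # TP-PID: (U)SIM data download
BINARY_CLASS2_DCS = {0xF6, 0x16}         # TP-DCS: 8-bit data, class 2 (SIM-specific)
OPERATOR_OTA_SENDERS = {"447700900001"}  # hypothetical operator OTA originator

def decode_semi_octets(data, ndigits):
    """Decode swapped-nibble BCD digits, dropping the 0xF filler nibble."""
    return "".join(f"{b & 0x0F:X}{b >> 4:X}" for b in data)[:ndigits]

def parse_sms_deliver(pdu_hex):
    raw = bytes.fromhex(pdu_hex)
    pos = 1 + raw[0]                     # skip SMSC length octet and SMSC address
    first = raw[pos]
    if first & 0x03 != 0x00:             # TP-MTI 00 = SMS-DELIVER
        raise ValueError("not an SMS-DELIVER PDU")
    ndigits = raw[pos + 1]               # originator length, counted in digits
    addr_start = pos + 3                 # skip length and type-of-address octets
    addr_end = addr_start + (ndigits + 1) // 2
    if len(raw) < addr_end + 2:
        raise ValueError("truncated PDU")
    return {
        "sender": decode_semi_octets(raw[addr_start:addr_end], ndigits),
        "pid": raw[addr_end],
        "dcs": raw[addr_end + 1],
    }

def classify(pdu_hex):
    """Return 'normal', 'ota-allowed' or 'ota-blocked' for one PDU."""
    msg = parse_sms_deliver(pdu_hex)
    is_ota = msg["pid"] == SIM_DATA_DOWNLOAD_PID or msg["dcs"] in BINARY_CLASS2_DCS
    if not is_ota:
        return "normal"
    return "ota-allowed" if msg["sender"] in OPERATOR_OTA_SENDERS else "ota-blocked"

# Constructed PDUs: SMSC | first octet | originator | PID | DCS | timestamp | UDL+UD
TEXT_SMS = "00" "04" "0C91447700091032" "00" "00" "31702201000000" "02E834"
# Binary class-2 message from an unknown originator; payload is placeholder zeros.
OTA_UNKNOWN = "00" "44" "0C91447700099099" "7F" "F6" "31702201000000" "0400000000"
# Same message type from the allow-listed operator originator.
OTA_OPERATOR = "00" "44" "0C91447700090010" "7F" "F6" "31702201000000" "0400000000"

if __name__ == "__main__":
    for name, pdu in [("text", TEXT_SMS), ("unknown", OTA_UNKNOWN),
                      ("operator", OTA_OPERATOR)]:
        print(name, parse_sms_deliver(pdu), classify(pdu))
```

The handset never displays messages of this type, so a check like this has to run in the network or on a monitoring modem rather than rely on the phone's owner noticing anything.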
The damage potential of this hack could be exponential. Some
possibilities include: complete theft of personal data held within the victim’s
phone, rerouting calls made by the phone, eavesdropping on calls, making calls to
premium numbers, and turning the mobile into a tracking device to know the victim’s
whereabouts.
Luckily, this hacking method does not work against the newer
3DES-encrypted SIM cards, which goes some way toward explaining why the majority of
mobiles remain safe from this hack. But many of us are now left wondering
whether we are within the 25% of people with vulnerable SIMs.
While AT&T have openly stated that their SIMs use the more
secure 3DES, the UK’s Vodafone have declined to comment.
Nohl’s SIM card security escapades unearthed a second
vulnerability. This time it does affect the more secure 3DES-encrypted SIMs,
thus putting most of us at some level of risk, although, as things stand now, this
hack can only be executed if a hacker gains access to a mobile phone. They
could achieve this using the first hack described earlier in this article.
According to Nohl, the world’s two biggest SIM card manufacturers, Gemalto and
Oberthur, have an inherent flaw in the design of even their newer SIM cards. This flaw
lies within what’s called ‘Sandboxing’. Basically, SIM cards are mini
computers. Many payment applications, such as those by PayPal and Visa, are
stored on SIM cards to make them NFC compatible. This storage is via a
system called ‘Sandboxing’ which keeps them segmented from the rest of the SIM
card. The segmentation is meant to be a security measure, but the problem is
that it doesn’t work.
The flaw is down to badly configured Sandboxing technology
within the SIM cards produced by the two aforementioned manufacturers.
Thankfully, NFC has not really taken off yet, so most
of us need not worry about our bank details being stolen quite yet.
Nohl has shared his findings in detail with all the major
providers and associated bodies so that they can develop patches for the
security holes. Nohl predicts that, as the knowledge of this hack has become
widespread, it will take upwards of six months before other hackers can figure
out how to actually execute it. By then he hopes that appropriate measures will
have been taken to fix the security flaws.