By Craig B. in Security | 22/07/2011
Recently people have begun to ask how secure their phones are from those mischievous hackers, and quite rightly so, given recent events and scandal. So here at Waite IT, we decided to do a little bit of investigation into which techniques were allegedly used by the phone hackers and to see if we could conclude any preventative measures.
Firstly, as early as 2006 it was reported that mobile voicemail systems had been “hacked” rather crudely using a method which relied on operators setting all voicemail PINs for external callers to a default such as 0000 or 1234. This meant that all you (as a mischievous hacker) had to do was call the external voicemail access number for a person’s network, enter your target’s mobile number and this default PIN, and you could listen to their voicemails.
Many operators (I cannot say all for definite) have since changed their systems to prevent this. For example, O2 now ensures that you set your own personalised PIN before you can access your voicemail from another phone. Problem solved, yes?
Well, perhaps not. Accessing voicemail is no longer so simple, but it has been documented that it is still possible using Caller ID spoofing. This essentially means tricking a mobile operator’s systems into thinking that your number is actually that of your target, and typically when you call the voicemail system using a recognised number you can access the voicemail for that number without requiring a PIN. This system can require a little technical knowledge to set up but there are seemingly some service providers which will allow you to do this for a fee.
Again, network providers are quick to make statements that say their networks are not or are no longer affected by such attacks, but there is ultimately no way to be sure without trying, and then it might be too late. We have heard of such attacks very recently.
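The two voicemail weaknesses described above (operator default PINs and trusting the presented caller ID) can be modelled beside a stricter policy. This is an added example, not any operator's real system; the function names, the lockout threshold and the sample numbers are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass

DEFAULT_PINS = {"0000", "1234"}  # the operator defaults named in the article
MAX_FAILED = 3                   # assumed lockout threshold

@dataclass
class Mailbox:
    number: str
    pin: str                     # stays at an operator default until the owner changes it
    failed: int = 0

def pin_matches(box, entered):
    # Constant-time comparison; a missing PIN never matches.
    return entered is not None and hmac.compare_digest(entered, box.pin)

def legacy_access(box, caller_id, entered_pin=None):
    """Weak policy: the presented caller ID is trusted and default PINs work."""
    if caller_id == box.number:
        return True              # caller ID is asserted by the caller, not proven
    return pin_matches(box, entered_pin)

def hardened_access(box, caller_id, entered_pin=None):
    """Stricter policy: caller_id is ignored on purpose; only a personal PIN counts."""
    if box.pin in DEFAULT_PINS:
        return False             # owner must set a personal PIN first
    if box.failed >= MAX_FAILED:
        return False             # locked until reset through another channel
    if not pin_matches(box, entered_pin):
        box.failed += 1
        return False
    box.failed = 0
    return True

def compare_policies():
    """Run both policies over constructed calls; returns {case: (legacy, hardened)}."""
    owner, other = "07700900001", "07700900002"   # constructed sample numbers
    results = {}
    for case, pin, caller, entered in [
        ("default PIN, external caller", "0000", other, "0000"),
        ("caller ID matches, no PIN",    "8391", owner, None),
        ("owner enters personal PIN",    "8391", owner, "8391"),
    ]:
        results[case] = (legacy_access(Mailbox(owner, pin), caller, entered),
                         hardened_access(Mailbox(owner, pin), caller, entered))
    locked = Mailbox(owner, "8391")
    for guess in ("1111", "2222", "3333"):        # three wrong guesses
        hardened_access(locked, other, guess)
    results["correct PIN after lockout"] = (None, hardened_access(locked, other, "8391"))
    return results
```

Calling `compare_policies()` shows the legacy policy granting access in both weak cases while the stricter one refuses them and still admits the owner with a personal PIN.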
Next, let’s move away from hacking phones as ‘phones’ and think of them more as the mini personal computers that they have become. Because of this they can be subject to many of the attack vectors that PCs are. As smartphones get smarter we are holding more and more data on them, which is liable to be accessed if, for example, you leave your phone on a train. Thankfully there are ways to combat this, such as encryption and remote wipe systems implemented by some of the major manufacturers. You should not rely solely on your phone’s screen lock passwords, as there are well-documented methods to circumvent these within minutes.
Another area where you should exercise caution is public places with Wi-Fi hot spots. Let’s say I go to a coffee shop and set up my laptop as a wireless access point, which I call something like “BT Connect”. You, as my target, connect your iPhone to my network thinking that it is legitimate and begin to browse the web, unaware that all of your browsing traffic is being passed transparently through my laptop (meaning that I can see what you see as you’re browsing and maybe even access the data on your iPhone itself). This sort of “man-in-the-middle” attack is nothing new and has been well publicised. Ways to combat such attacks would be to only join encrypted Wi-Fi networks from a trusted source, and ultimately be wary of which websites you use on public networks.
In the main we would stress that there is very little to worry about; most of us lead such mundane lives that no-one would be too interested in our mobile phones and the data they contain. That said, there are a number of things you can do to help yourself just in case: