Cellular networks breach not easily executed 'live'

Singapore telcos and market players, with support from GSM Association, say recent vulnerabilities found in GSM and 3G algorithms hard to execute.
Written by Kevin Kwang, Contributor

SINGAPORE--Local telcos have responded in unison to assure their security protocols are up to date with the latest industry standard, following reports that algorithms in GSM (global system for mobile communications) and 3G networks have been breached.

German computer engineer Karsten Nohl, in a New York Times report in December 2009, was said to have cracked the A5/1 algorithm used to encrypt signals emitted by GSM phones, which account for 3.5 billion of the world's 4.3 billion wireless connections.

A month later, Ars Technica reported how researchers spent a few hours on a standard PC to create an attack targeting the encryption algorithm, also commonly used in 3G networks. The encryption technique, also known as Kasumi, is based on another encryption technique dubbed Misty, but pared down to run faster and is more hardware-friendly.

Asked about the security vulnerabilities, local operators say any potential attacks would be difficult to execute.

MobileOne's (M1) general manager for corporate communications, Chua Swee Kiat, said: "There are many complex as well as practical obstacles to overcome in attempting to eavesdrop on GSM services, and the process is not as simple and straightforward as claimed".

Chua, together with representatives from fellow operators StarHub and SingTel, pointed to a blog entry posted by the GSM Association (GSMA) in response to the two instances of network breaches. Referring to the same post, handset maker Nokia also said it "shared the industry view" on this matter.

In the post, the GSMA explained that while there have been academic papers presenting theoretical examples of how the A5/1 algorithm can be broken into, to date, none have led "to a practical attack capability" being developed against the algorithm "that can be used on live, commercial GSM networks".

The post also noted that before an attack can be carried out on GSM networks, the call has to be identified and recorded from the radio interface.

"So far, this aspect of the methodology has not been explained in any detail and we strongly suspect that the teams attempting to develop an intercept capability have underestimated its practical complexity," the GSMA said.

In e-mail statements to ZDNet Asia, all three Singapore telcos said they are committed to protecting the privacy of their customers' communications and are working closely with the GSMA and other technology providers, to ensure the integrity of their networks will not be compromised.

When asked about the possible ramifications of the cellular network breaches, security vendor Trend Micro declined to comment on specifics but said such incidents can help increase user awareness about mobile security.

Danny Siew, senior director for technical support at Trend Micro, said in an e-mail interview: "While we cannot comment on the effects that these will have on the market, we hope that the knowledge of these network encryptions being cracked will lead users to greater understanding of the need for total data protection on every platform, including mobile phones."

Consumer behavior determines cybercrimes
Siew noted that historically, there has not been any mobile threat capable of creating a high impact on the industry. However, he pointed to the evolving mobile handset landscape as well as consumer behavior, as causes for a possible proliferation of mobile security threats in the near future.

"As the mobile landscape changes, with smartphones comprising huge amounts of memory and storing a host of sensitive data on devices such as the Apple iPhone and those running Google's Android operating system, these devices may increase as a popular target for cybercriminals," Siew cautioned.

He added that consumer acceptance of mobile-based financial activities is increasing, with handset banking applications being advertised on prime-time television in some countries.

"With this change in consumer behavior, and the possibility of some sort of handset monoculture being created for the first time, there is increased potential for more mobile-related malicious activity, the extent of which will be dictated by consumer behavior," he said.

Ronnie Ng, senior manager for systems engineering at Symantec Singapore, noted that with regard to securing valuable information, "an ounce of protection is worth a ton of cure".

"Organizations need to have effective security measures in place to protect data in use, in transit or at rest," Ng said in an e-mail. To safeguard enterprise data integrity, he recommended businesses implement data loss prevention measures such as blocking network transmissions that contain confidential data and preventing removable media from being copied.

Editorial standards