Frailty of GSM network revealed, as calls are easily intercepted

Phones that connect with 2G or 3G networks might possibly be intercepted as easily as on WiFi networks.

Speaking to SC Magazine, Peter Cox, CEO of UM Labs, said all smartphones use GSM to work on 2G, 3G and 4G networks, but calls might be intercepted with software similar to a GSM base station, which act as cellphone aeriels.

“You will pay £1,500 for the software with a radio and listen in to calls, and as you switch the signal up, phones will automatically join it because it is a sturdy signal,” he said.

Following a presentation made to him, Chris Bryant MP issued the subsequent statement in Parliament last July: “Yesterday afternoon we heard that the fellow who's in control of counter-terrorism within the Metropolitan Police is 99 per cent certain that his phone was hacked.

“An hour later, i used to be shown a chunk of equipment that costs about £1,500 and is quickly available on the web. It effectively sets up an illegal cellphone mast in which it's possible to hear any conversation held by anyone on a cellphone within three miles.”

A UM Labs whitepaper said the system demonstrated to Bryant was in keeping with an open-source software project, which has built a low-cost GSM base station using a commercially available software-controlled radio system.

The radio connects to a laptop via a USB cable and the entire system is sufficiently small to be packaged right into a briefcase. To watch a GSM call, the system is configured to function as a base station at the appropriate network, and any nearby phones will join the bottom station if that station broadcasts the strongest available signal.

It said the mobile operators cannot solve this problem as they need to support dated technologies that are burdened with the vulnerabilities that enable call monitoring and interception. Even supposing they can change technology overnight, there's still a risk that a rogue employee at a mobile operator could monitor calls, or that an overseas operator can be pressured to give access to calls.

Cox said: “Phones are configured to run on 2G or 3G, but you may tap into either. The answer is to apply voice-over-IP (VoIP) technology or call encryption. It is easy as there aren't any keys to cope because the voice data isn't stored.”

Cox claimed that the theorem of using VoIP is catching on as stories about phone-hacking and speak to interception continue. UM Labs said just switching to VoIP doesn't solve the issue, as mobile data channels may well be monitored as easily as voice, and monitoring WiFi is even easier, adding however that VoIP makes it easy to feature effective call encryption.

Also, because the VoIP application, and therefore the encryption, is totally under the user's control, secure end-to-end encryption is usually established from the mobile handset to a trusted point within the user's network or to a trusted hosted service.