Page 10 - index
P. 10
Susceptibility of cell phones to this kind of attack begins with the technology the phones employ.
Cell phones are network dependent so communication is done between cell phone and cell
tower; it is not a phone to phone transaction. In order for your service provider to know what cell
phone towers will have the best chance of sending your next call, email, etc. the cell phones
themselves are actively seeking out new towers to connect to – they don’t differentiate. Because
of this, the analogy of a naive child talking to strangers when illustrating how cell phones behave
is fairly accurate. Imagine your child with you as you walk through a large crowd and the child
says “hello” to every single individual you pass and if any of them ask, it will tell them everything
you’ve been doing all day long without you ever knowing about it.
In addition, the network is designed so the cell phone towers themselves (real or simulated)
control the parameters of the communications session not the phone, the tower (real or
simulated) makes the determination to use encryption or not. So, if someone is pretending to be
a cell phone tower, they can employ a command to any phone that connects to it to simply turn
off session encryption.
The “man in the middle” attack with an IMSI catcher takes advantage of these flaws and inserts
itself between the tower and the phones. Once a cellular phone is within range of and
connected to an active IMSI catcher, the phone is essentially under the control of someone else.
The attacker can access, remove, copy and send all the information on the phone, as well as
installing surveillance software for later use when the phone moves out of range. The real
benefit to this kind of attack is that there is little to no paper trail left; only the person performing
the attack really knows that it’s happening. The attacker can be right next door or over a mile
away and even act as a relay so that the phone still functions as normal, while monitoring all
traffic sent to and from it and everything picked up by its microphone and camera.
Many of these kinds of attacks happen even when the phone is turned off. How? The off mode
of most cell phones does not turn the phone entirely off; it’s not like the switch on a wall. The
screen may go dark, but the motherboard inside is still energized and waiting for signals from
the things attached to it, like the power button or the radio it uses for communications. “Off” in
this instance is like your television set being “off” until you point the remote at it and send it a
wireless command to turn on. So, whether on or off (again - off is not entirely “off”), infiltration of
a phone can go on undetected by the user; unless the screen suddenly lights up, there is almost
no clue the user would have to their phone being remotely accessed by another device.
The general public largely thinks of smartphones as a trustworthy life-enhancer relying mostly
on false assumptions on how they operate and who has access to them. Depending on the
brand, advertising for smartphones positions them somewhere between an always-dependable
lifeline and a way to save and share life’s moments. They are welcomed into our lives like a
trusted member of the family. While smartphones do have the power to make our lives easier
and connect us to others in a myriad of ways, the inherent danger they pose should be
recognized. Their microphones and cameras are essentially on all the time, gyroscopes and
SIM cards can be infiltrated and used in ways you wouldn’t expect, sensitive documents and
emails can be retrieved, copied and sent to anyone – and more – all without the user’s
knowledge.
10 Cyber Warnings E-Magazine – October 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide