News / Science & Technology

    UN Warns on Mobile Cybersecurity Bugs to Prevent Attacks

    A woman holds up a SIM card, which she won in a June lottery, in Rangoon, Burma, June 24, 2013. A woman holds up a SIM card, which she won in a June lottery, in Rangoon, Burma, June 24, 2013.
    x
    A woman holds up a SIM card, which she won in a June lottery, in Rangoon, Burma, June 24, 2013.
    A woman holds up a SIM card, which she won in a June lottery, in Rangoon, Burma, June 24, 2013.
    Reuters
    A United Nations group that advises nations on cybersecurity plans to send out an alert about significant vulnerabilities in mobile phone technology that could potentially enable hackers to remotely attack at least half a billion phones.

    The bug, discovered by German firm, allows hackers to remotely gain control of and also clone certain mobile SIM cards.

    Hackers could use compromised SIMs to commit financial crimes or engage in electronic espionage, according to Berlin's Security Research Labs, which will describe the vulnerabilities at the Black Hat hacking conference that opens in Las Vegas on July 31.

    The U.N.'s Geneva-based International Telecommunications Union, which has reviewed the research, described it as "hugely significant."

    "These findings show us where we could be heading in terms of cybersecurity risks," ITU Secretary General Hamadoun Touré told Reuters.

    He said the agency would notify telecommunications regulators and other government agencies in nearly 200 countries about the potential threat and also reach out to hundreds of mobile companies, academics and other industry experts.

    A spokeswoman for the GSMA, which represents nearly 800 mobile operators worldwide, said it also reviewed the research.

    "We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted," said GSMA spokeswoman Claire Cranton.

    Nicole Smith, a spokeswoman for Gemalto NV, the world's biggest maker of SIM cards, said her company supported GSMA's response.

    "Our policy is to refrain from commenting on details relating to our customers' operations," she said.

    Becoming the SIM

    Cracking SIM cards has long been the Holy Grail of hackers because the tiny devices are located in phones and allow operators to identify and authenticate subscribers as they use networks.

    Karsten Nohl, the chief scientist who led the research team and will reveal the details at Black Hat, said the hacking only works on SIMs that use an old encryption technology known as DES. The technology is still used on at least one out of eight SIMs, or a minimum of 500 million phones, according to Nohl.

    The ITU estimates some 6 billion mobile phones are in use worldwide. It plans to work with the industry to identify how to protect vulnerable devices from attack, Touré said.

    Once a hacker copies a SIM, it can be used to make calls and send text messages impersonating the owner of the phone, said Nohl, who has a doctorate in computer engineering from the University of Virginia.

    "We become the SIM card. We can do anything the normal phone users can do," Nohl said in a phone interview. "If you have a MasterCard number or PayPal data on the phone, we get that too."

    IPhone, Android, BlackBerry

    The mobile industry has spent several decades defining common identification and security standards for SIMs to protect data for mobile payment systems and credit card numbers. SIMs are also capable of running apps.

    Nohl said Security Research Labs found mobile operators in many countries whose phones were vulnerable, but declined to identify them. He said mobile phone users in Africa could be among the most vulnerable because banking is widely done via mobile payment systems with credentials stored on SIMs.

    All types of phones are vulnerable, including iPhones from Apple Inc, phones that run Google Inc's Android software and BlackBerry Ltd smartphones, he said.

    BlackBerry's director of security response and threat analysis, Adrian Stone, said in a statement that his company proposed new SIM card standards last year to protect against the types of attacks described by Nohl, which the GSMA has adopted and advised members to implement.

    Apple and Google declined comment.

    CTIA, a U.S. mobile industry trade group based in Washington, D.C., said the new research likely posed no immediate threat.

    "We understand the vulnerability and are working on it," said CTIA Vice President John Marinho. "This is not what hackers are focused on. This does not seem to be something they are exploiting."

    You May Like

    How Aleppo Rebels Plan to Withstand Assad's Siege

    Rebels in Aleppo are laying plans to withstand a siege by Syrian President Bashar al-Assad’s forces in likelihood the regime cuts a final main supply line running west of city

    Probe Targeting China's Statistic Head Sparks Concern

    Economists now asking what prompted government to launch an investigation only months after Wang Baoan had been vetted for crucial job

    HRW: Both Sides in Ukraine Conflict Targeted, Used Schools

    Rights group documents how both sides in Ukraine conflict carried out attacks on schools and used them for military purposes

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    Russia's Car Sales Shrink Overall, But Luxury and Economy Models See Growthi
    X
    February 10, 2016 5:54 AM
    Car sales in Russia dropped by more than a third in 2015 because of the country's economic woes. But, at the extreme ends of the car market, luxury vehicles and some economy brands are actually experiencing growth. VOA's Daniel Schearf reports from Moscow.
    Video

    Video Russia's Car Sales Shrink Overall, But Luxury and Economy Models See Growth

    Car sales in Russia dropped by more than a third in 2015 because of the country's economic woes. But, at the extreme ends of the car market, luxury vehicles and some economy brands are actually experiencing growth. VOA's Daniel Schearf reports from Moscow.
    Video

    Video Civil Rights Pioneer Remembers Struggle for Voting Rights

    February is Black History Month in the United States. The annual, month-long national observance pays tribute to important people and events that shaped the history of African Americans. VOA's Chris Simkins reports how one man fought against discrimination to help millions of blacks obtain the right to vote
    Video

    Video Jordanian Theater Group Stages Anti-Terrorism Message

    The lure of the self-styled “Islamic State” has many parents worried about their children who may be susceptible to the organization’s online propaganda. Dozens of Muslim communities in the Middle East are fighting back -- giving young adults alternatives to violence. One group in Jordan is using dramatic expression a send a family message. Mideast Broadcasting Network correspondent Haider Al Abdali shared this report with VOA. It’s narrated by Bronwyn Benito
    Video

    Video Migrant Crisis Fuels Debate Over Britain’s Future in EU

    The migrant crisis in Europe is fueling the debate in Britain ahead of a referendum on staying in the European Union that may be held this year. Prime Minister David Cameron warns that leaving the EU could lead to thousands more migrants arriving in the country. Meanwhile, tension is rising in Calais, France, where thousands of migrants are living in squalid camps. VOA's Henry Ridgwell reports.
    Video

    Video Valentine's Day Stinks for Lebanese Clowns

    This weekend, on Valentine's Day in Lebanon, love is not the only thing in the air. More than half a year after the country's trash crisis began, the stink of uncollected garbage remains on the streets. Step forward "Clown Me In," a group of clowns who use their skills for activism. Before the most romantic day of the year the clowns have released their unusual take on love in Lebanon -- in a bid to keep the pressure up and get the trash off the streets. John Owens reports from Beirut.
    Video

    Video Families Flee Aleppo for Kurdish Regions in Syria

    Not all who flee the fighting in Aleppo are trying to cross the border into Turkey. A VOA reporter caught up with several families heading for Kurdish-held areas of northern Syria.
    Video

    Video Rocky Year Ahead for Nigeria Amid Oil Price Crash

    The global fall in the price of oil has rattled the economies of many petroleum exporters, and Africa’s oil king Nigeria is no exception. As Chris Stein reports from Lagos, analysts are predicting a rough year ahead for the continent’s top producer of crude.
    Video

    Video 'No Means No' Program Targets Sexual Violence in Kenya

    The organizers of an initiative to reduce and stop rape in the informal settlements around Kenya's capital say their program is having marked success. Girls are taking self-defense classes while the boys are learning how to protect the girls and respect them. Lenny Ruvaga reports from Nairobi.
    Video

    Video Chocolate Lovers Get a Sweet History Lesson

    Observed in many countries around the world, Valentine’s Day is sometimes celebrated with chocolate festivals. But at a festival near Washington, the visitors experience a bit more than a sugar rush. They go on a sweet journey through history. VOA’s June Soh takes us to the festival.
    Video

    Video 'Smart' Bandages Could Heal Wounds More Quickly

    Simple bandages are usually seen as the first line of attack in healing small to moderate wounds and burns. But scientists say new synthetic materials with embedded microsensors could turn bandages into a much more valuable tool for emergency physicians. VOA’s George Putic reports.
    Video

    Video Researchers Use 3-D Printer to Produce Transplantable Body Parts

    Human organ transplants have become fairly common around the world in the past few decades. Researchers at various universities are coordinating their efforts to find solutions -- including teams at the University of Pennsylvania and Rice University in Houston that are experimenting with a 3-D printer -- to make blood vessels and other structures for implant. As VOA’s Greg Flakus reports from Houston, they are also using these artificial body parts to seek ways of defeating cancerous tumors.
    Video

    Video Helping the Blind 'See' Great Art

    There are 285 million blind and visually impaired people in the world who are unable to enjoy visual art at a museum. One New York photographer is trying to fix this situation by making tangible copies of the world’s masterpieces. VOA correspondent Victoria Kupchinetsky was there as visually impaired people got a feel for great art. Joy Wagner narrates her report.
    Video

    Video German Artists to Memorialize Refugees With Life Jacket Exhibit

    Sold in every kind of shop in some Turkish port towns, life jackets have become a symbol of the refugee crisis that brought a million people to Europe in 2015.  On the shores of Lesbos, Greece, German artists collect discarded life jackets as they prepare an art installation they plan to display in Germany.  For VOA, Hamada Elrasam has this report from Lesbos, Greece.
    Video

    Video E-readers Help Ease Africa's Book Shortage

    Millions of people in Africa can't read, and there's a chronic shortage of books. A non-profit organization called Worldreader is trying to help change all that one e-reader at a time. VOA’s Deborah Block tells us about a girls' school in Nairobi, Kenya where Worldreader is making a difference.