Cyber experts show vulnerability of GSM networks

Vulnerability of GSM mobile networks can be easily exploited by hackers.

Panaji: A group of cyber experts stunned a conference here when they showed the vulnerability of GSM mobile networks which can be easily exploited by hackers enabling them to impersonate a user`s identity and make calls from his account without a clue to the consumer.

The ethical group -- matrix shell -- gave a demonstration of the hacker`s technique on a live network of a leading mobile service provider in which they managed to make a call using the number of a audience member without actually using his phone or SIM.

Explaining the weaknesses of the GSM service providers at Nullcon, a conference of cyber security experts, defence and intelligence officials and ethical hackers, the group claimed that most of the telecom networks were not encrypting signals, which is common at the international level.

Akib, one of the group members, said another issue is authentication of a user by a mobile network when call is made.

However, Director General of Cellular Operators Association of India Rajan Mathews said, "this is not unusual and can happen to any operator. The networks of operators are handled by third party who are global players (like IBM, NSN).

Operators have methods and protocols in place to detect any such intrusion into their networks."

He also said whenever such a thing happens, the customer also calls to bring it to notice. So, operators are equipped to handle such situations.

Explaining the technique, he said just like every mobile phone has a unique identity number, called as IMEI number, the SIM cards have a unique identification number called as IMSI and in order to hide the identity of the user, the networks camouflage IMSI with a temporary identification number TMSI.

As per international norms, the temporary identity TMSI should be changed every time a call is made or received or SMS is sent or received, which is not being done by majority of providers, the group claimed without naming any telecom providers specific.

"In the absence of ever changing TMSI, any hacker can get corresponding IMSI using a small commonly available equipment. With mobile number and its IMSI, the network can be made to believe that hacker is actual customer and call can be authenticated," he said.

The GSM service providers are also not using encryption technology which makes them vulnerable to such impersonators, he said.

The group said the lack of authentication is exploited by hackers who can use phone of a specific brand (requested to withhold details to avoid misuse), a laptop and little bit of coding to impersonate another user`s identity and make calls and send sms using his account.

In the process, the victims remain unaware that his number is misused and money is being deducted from his account. While account is hacked, incoming calls will be received by the hacker, they showed through live demonstration.

The group also comprises Deepesh, a goldsmith, Vipul, and a garment businessman Nitin, who is in banking sector besides Akib who is a techie.

"We want to use this platform to make the telecom companies understand that there are vulnerabilities which can be exploited. Very few companies have employed technologies to fill this loop hole," he said.

Nullcon is an annual conference where cyber security experts, intelligence and defence officials, and ethical hackers converge to discuss vulnerabilities of cyber world.

Founders Murtaza, Asim Jakhar, Pratul and Antariksh said government agencies have been key participants since its start three years ago. "We had 18 applications when we started now we have 275 participants," the group said.