Hackers see 3G as prize target

Despite more paranoia and stiffer security than ever, IP-based telecommunications servers are fast becoming the new 'holy grail' for the black hat hacking community, with a highly embarrassing intrusion at US based carrier T-Mobile the latest ugly incident.

According to evidence tendered before a grand jury in California, Nicholas Jacobsen is alleged to have compromised T-Mobile's internal computer systems in 2003 and gained access to sensitive details on 400 customers including sensitive information from the US Secret Service.

However, the question of whether 3G networks are intrinsically more vulnerable to attack has left analysts and telcos divided.

Michael Young, technology infrastructure and services director for Hutchison Telecoms, says the risk of attacks on telcos can't be compared to the risk in any other industry.

"All telcos construct their internal systems around various points of entry for the customer - whenever you have that, a network is opened up to those that might try to enter in an illegal way," Young said.

"Handsets with operating systems are mini-PCs today that depend on [embedded] software in the handset as well as interacting on the network. We have the ability to stop issues before they become systemic. We assume the worst-case scenario all the way through. You have to assume paranoia right across the board.

"In the last two to three years you do have [miscreants] trying to prove a point through accessing systems," Young said.

Frost & Sullivan security analyst, James Turner said hacking a telco's servers was a cut above the norm for most hackers, with some prepared to physically break in to access information.

"Historically, breaking in is how telco hacking would have occurred. But you need a deep technical knowledge and the gear that goes with it," Turner said.

"[Hackers] getting their hands dirty by physical invasion will be the exception - [although] there is a small subset that take on telcos - the creme de la creme," Turner said.

IDC mobility and wireless analyst Warren Chaisatien warned that while hacking telco servers through a 3G handset is technically possible, carriers already deployed rigid security measures.

"A weak link between the handset and the carrier is unheard of as yet, but it could happen," Chaisatien said, adding viruses posed another risk as they could potentially be transferred from handset to handset or servers.

• Bookmark this page
• Share this article
  •  
  • facebook
  • slashdot
  • digg
  • Reddit
  • stumbleupon
  • linkedin
  • twitter
• Got more on this story? Email Computerworld
• Follow Computerworld on twitter

• Share
  Share this article

  •  google+
  • facebookfacebook
  • slashdotslashdot
  • diggdigg
  • RedditReddit
  • stumbleuponstumbleupon
  • linkedinlinkedin
  • twittertwitter
• print
• email
• Bookmark