Full disclosure: I am not a hacker by any means. However, I do some stuff based on educated research work, which is why hacking catches my attention as a genuinely interesting subject. Plus, it is always fun to reverse engineer and come up with flaws in any system to make it more effective in the long run.
Photo of an Undated Def Con Competition | Google Images
Now moving to the subject of GSM phone hacking, I gathered tid bits of experience from all over the internet. To top it off, recently at the Def Con security conference, a nerdy researcher demonstrated something really amazing. He claimed that he could impersonate a GSM cell tower and intercept the mobile phone signals with only $1500 worth of equipment.
The interesting thing is that this guy proved his point after someone gave him a little over $1,000 to get started immediately.
How does the GSM snooping work?
The guy is known as Chris Paget; he was able to patch a com link between an IMSI catcher device and some random users for just about $1500. The IMSI catcher was configured by him to make it act like a real GSM tower – which, of course was a spoof and even though, it was a cheap move, it gotta admit that it was pretty impressive.
What happens to the calls?
No doubt, Paget was able to intercept calls, which simply means that the attacker can listen to any ongoing phone conversations on the GSM network. Given that you have your own GSM network or you just intercepted a network using Chris’s methods, you can probably get away with oodles of information. To the original GSM carrier, the phone appears to be offline or turned off because of the interception of fake “Paget” created tower.
Should I be worried that my mobile phone calls are being tapped?
Hmm, you should not be worried. In a very real world, which we all live in, the stiff necks from NSA, CIA and other organizations are already tapped into your conversations. To think of it, even you web browser, if it is Google Chrome, is aiding the government in extracting traces of information without your consent. So why cry over spilt milk? Just be CAREFUL when sharing your thoughts, information or anything that has to do with communicating with someone on the internet.
The hacking demonstration at Def Con Las Vegas was an eye opener and it doesn’t mean that it is a widespread technique. Hackers, of course will try to copy and enact the same demonstration and soon enough, we will hear some gory details about financial injuries, frauds and much more.