Mobile Phone Flaw Opens 500 Million SIMs To Hackers

A flaw has been discovered in the security of 500 million mobile phones that could make them vulnerable to attack, cyber researchers have said.

The bug, discovered by German firm Security Research Labs, allows hackers to remotely gain control of and also clone certain mobile SIM cards. Hackers could use compromised SIMs to commit financial crimes or engage in espionage.

The technique will be presented at the Black Hat hacking conference that opens in Las Vegas on July 31. The UN's Geneva-based International Telecommunications Union , which has reviewed the research, has described it as "hugely significant".

"These findings show us where we could be heading in terms of cybersecurity risks," said ITU secretary general Hamadoun Touré. He said the agency would notify telecommunications regulators and other government agencies in nearly 200 countries about the potential threat, and also reach out to hundreds of mobile companies, academics and other industry experts.

Karsten Nohl, the chief scientist who led the research team, said the hacking only works on SIMs that use an old encryption technology known as DES. However, that technology is still used on at least one out of eight SIMs, or a minimum of 500 million phones, according to Mr Nohl.

Source

I wonder if someone has already found this flaw and managed to use it to their advantage? If something had happened to your finances for example, you would never suspect your mobile as being the one thing to let someone in, I'm glad they've found it, just got to hope they fix it now. 500m phones is a hell of a lot.

DES is only 56 bit iirc and has never been considered secure for anything confidential even by the US government, i'd imagine that the sim uses DES but theres some flaw in the handling of the keys that will allow someone to guess the key, probably due to export controls for encryption which banned anything over 40bits from being exported without a license from uncle sam so it needed a fix which probably used the sims unique id to be the key

I would imagine this isn't a secret flaw, instead a built in backdoor that is now public.
"quick make it look like a flaw, they found it"

The DES technology it was humans so it can be broken by humans. It's interesting how Security Research Labs in Germany was the one to disclose the infiltration premise. It would be cheaper for governments to open up a market and approve new tech for economy's sake than to keep things quiet. New better phones, for more new security!

When DES was new, it was touted to the international security in governments, not governments themselves, as a valuable tool to sell to consumers. How else do these technologies get accepted by the nations with their special compliance seals and approval marks for selling? It might be said that it was sold that for about every hundred sales the international security groups could get twenty to thirty percent of that back into their intelligence profit, which is why it was approved in the first place.

There was DES, I recall. There was DES 2, but I think the second one did not sell so well, mostly because once you get that into a bureaucracy, the ones in power will drag their heels at change and innovation. These ideas were circulating around the time when I barely had an Atari 2600. There were more advanced ideas but no matter how smart the salesman sometimes the national group won't agree to mass production of things. An overabundance of encryption technology plus designs would put too much security responsibility on their consciences.

Was the designer conscious of the security risks? Of course, which explained the necessity for continuous new designs, but it's not his fault now, but the intelligence companies that resisted innovation. Well now it appears they have finally caught up and are efforting to scrub that older tech out of the hands of the consumers and deny involvement in profiting from cell phone farming.