Jim Finkle reports in Reuters that:
A United Nations group that advises nations on cybersecurity plans to send out an alert about significant vulnerabilities in mobile phone technology that could potentially enable hackers to remotely attack at least half a billion phones.
He further reported that:
The bug, discovered by German firm, allows hackers to remotely gain control of and also clone certain mobile SIM cards.
Hackers could use compromised SIMs to commit financial crimes or engage in electronic espionage, according to Berlin’s Security Research Labs, which will describe the vulnerabilities at the Black Hat hacking conference that opens in Las Vegas on July 31.
The U.N.’s Geneva-based International Telecommunications Union, which has reviewed the research, described it as “hugely significant.”
“These findings show us where we could be heading in terms of cybersecurity risks,” ITU Secretary General Hamadoun Touré told Reuters.
He said the agency would notify telecommunications regulators and other government agencies in nearly 200 countries about the potential threat and also reach out to hundreds of mobile companies, academics and other industry experts.
A spokeswoman for the GSMA, which represents nearly 800 mobile operators worldwide, said it also reviewed the research.
“We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted,” said GSMA spokeswoman Claire Cranton.
Nicole Smith, a spokeswoman for Gemalto NV, the world’s biggest maker of SIM cards, said her company supported GSMA’s response.
We are still analyzing this, but for now must report that this looks really ugly.
The report also had what seems to be a very moronic statement by someone who seems to be saying “don’t worry, hackers are not going to exploit this vulnerability because they have not done it yet.” Ha!
For the full report see: http://www.reuters.com/article/2013/07/21/net-us-mobile-hacking-idUSBRE96K04N20130721