TETRA  |  2012-02-22

Warning of increased GSM + TETRA attacks

Source: The Critical Communications Review | Gert Jan Wolf editor

it is not just your mobile phone, your laptop and your cordless phone – we’re also looking at hacking emergency services.

Much worse than mere voicemail hacking. Greg Jones, a director of wireless security specialist, Digital Assurance is warning of the dangers posed by the increasing availability of low cost software defined radio (SDR) solutions. He says, “It’s extremely likely that criminal gangs, hacktivists and others will all show a growing interest in [SDR]. And we’re not just talking about the hacking of individual mobile phones here but the possible compromise of critical infrastructure.” In a nutshell, what Mr Jones is suggesting is that thanks to SDR it’s no longer possible to assume that calls made over commercial and specialist wireless networks are inherently secure.

We’re back to the bad old days when ham radio enthusiasts could list into analogue cellular calls. Who remembers the infamous Squidgygate tapes, for example? There’s nothing inherently evil about SDR technology. In effect, its arrival has helped to make devices like cellular phones cheaper by dispensing with the need for multiple, dedicated wireless chipsets.

So what’s going on? Jones says, “Those attempting to compromise wireless communications systems in the past have used expensive equipment coupled with advanced signal analysis skills.”


This is a reference to the fact that breaking standard GSM signals previously required a supercomputer. Not any more, apparently.

“SDR devices typically use a standard PC to capture and manipulate radio spectrum potentially allowing an attacker to capture and demodulate advanced radio systems which were previously inaccessible to the hacking community,” Jones explains.

He doesn’t actually mention it but if that ‘standard PC’ includes a laptop we could be in deep trouble. Think innocuous white van sitting outside your home/office.


Which advanced systems is he talking about? Well, the list includes mobile networks such as GSM, Wi-fi, WiMAX, DECT and even TETRA.

So that’s not just your mobile phone, your laptop and your cordless phone - we’re also looking at hacking emergency services.

Think police radio scanners used by crooks to know if they’ve been detected yet.


Just to make the point Jones even names the tools a budding SDR hacker needs. The USRP (Universal Software Radio Peripheral) coupled with open source software like GNU Radio. 


Source: GOMO News ( Strategic Mobile News)