Security

12:03 PM
Melanie Rodier
Melanie Rodier
Commentary
Connect Directly
Facebook
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Beware: Hacking Your BlackBerry or iPhone Is Easy As One, Two, Three

As Britain reels from the massive phone hacking scandal which closed down the Rupert Murdoch-owned News of The World, you may want to consider exactly how secure your BlackBerry or iPhone is.

How can you avoid News Of The World-Style hacking of your smartphone? As Britain continues to reel from the massive phone hacking scandal which led to the sudden closing down of the Rupert Murdoch-owned News of The World -- the biggest English-language newspaper in the world -- you may want to consider exactly how secure your smartphone is.

According to British cell phone operator O2, phones such as those of ex-UK prime minister Gordon Brown were hacked due to lax security on their cell phones' voicemail system, the BBC reports. The News of The World's "investigators" exploited the fact that cell phone operators gave customers default pin numbers - 0000 or 1234 - to access their voicemail from another phone. O2 has since changed its system.

But before you rest easy, here is some bad news from hacker extraordinaire Kevin Mitnick, as reported by CNET.

To demonstrate how easy it still is to hack a phone, Minick accessed CNET's Elinor Mills'voice mail by tricking the reporter's "mobile operator equipment into registering the call as coming from the handset--basically pretending to be me."

From CNET:

To do this, he wrote a script using open-source telecom software and used a voice-over-IP provider that allows him to set caller ID, but there also are online services that provide similar capability that non-hackers could subscribe to. It might be easier or harder to accomplish depending on the mobile operator, he said.

Any 15-year-old that knows how to write a simple script can find a VoIP provider that spoofs caller ID and set this up in about 30 minutes," Mitnick said. "If you're not adept at programming, you could use a spoofing service and pay for it."

So... If you want to avoid having anyone use Caller ID Spoofing to access your voice mail, you need to change your phone settings to require a PIN even when checking voice mail from your mobile device. Which of course, is a pain. And it doesn't even address the fact that most mobile operators don't authenticate caller ID, CNET points out.

By the way, beyond phone hacking, you might also want to make sure you don't open any PDF documents on your iPhone or iPad: Apple mobile users are vulnerable to malicious code contained in PDF files.

So far, Android devices pose the greatest risk of mobile malware, according to CNN. But Apple's iPhone and iPad are also vulnerable to security flaws.

"Apple mobile users who download PDF files currently risk letting cybercriminals access their confidential information, intercept phone conversations or take over other aspects of their device. There is no evidence yet that cybercriminals have done this, but it could happen easily," CNN reports.

Apple says it's working to fix the bug, but there is no word from the Cupertino company on how long the vulnerability has existed, or even exactly when it will fix the problem.

Melanie Rodier has worked as a print and broadcast journalist for over 10 years, covering business and finance, general news, and film trade news. Prior to joining Wall Street & Technology in April 2007, Melanie lived in Paris, where she worked for the International Herald ... View Full Bio
Comment  | 
Print  | 
More Insights
More Commentary
M&A Activity Will Continue to Grow in 2015
Data shows that the M&A market continues to improve, and forecasts indicate deal making will be healthy in 2015.
Chief Data Officers: Organization Strategy & Cultural Change
Chief data officers are new to the financial services C-suite, but they are facing a number of challenges, including the need for new data governance and execution strategies, staffing, and new organizational structures to enable cultural change.
New York FinTech Innovation Lab Calls for New Entrepreneurial Applicants
Wells Fargo joins 14 other major financial institutions providing mentoring and guidance to the six chosen startups.
Micro Data Challenges in an Era of Macroprudential Regulation
Research and statistical analysis experts at central banks are tasked with developing sophisticated forecasts and models to identify systemic risk. Yet they are spending most of their time acting as data entry clerks, rather than developing these models.
The Perks of 'SmartSourcing' Shared Services in Financial Industry
A breadth of vital but undifferentiated business processes are still being replicated across the industry. They are all candidates for centralization.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - Elite 8, October 2014
The in-depth profiles of this year's Elite 8 honorees focus on leadership, talent recruitment, big data, analytics, mobile, and more.
Video