Security

12:03 PM
Melanie Rodier
Melanie Rodier
Commentary
Connect Directly
Facebook
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Beware: Hacking Your BlackBerry or iPhone Is Easy As One, Two, Three

As Britain reels from the massive phone hacking scandal which closed down the Rupert Murdoch-owned News of The World, you may want to consider exactly how secure your BlackBerry or iPhone is.

How can you avoid News Of The World-Style hacking of your smartphone? As Britain continues to reel from the massive phone hacking scandal which led to the sudden closing down of the Rupert Murdoch-owned News of The World -- the biggest English-language newspaper in the world -- you may want to consider exactly how secure your smartphone is.

According to British cell phone operator O2, phones such as those of ex-UK prime minister Gordon Brown were hacked due to lax security on their cell phones' voicemail system, the BBC reports. The News of The World's "investigators" exploited the fact that cell phone operators gave customers default pin numbers - 0000 or 1234 - to access their voicemail from another phone. O2 has since changed its system.

But before you rest easy, here is some bad news from hacker extraordinaire Kevin Mitnick, as reported by CNET.

To demonstrate how easy it still is to hack a phone, Minick accessed CNET's Elinor Mills'voice mail by tricking the reporter's "mobile operator equipment into registering the call as coming from the handset--basically pretending to be me."

From CNET:

To do this, he wrote a script using open-source telecom software and used a voice-over-IP provider that allows him to set caller ID, but there also are online services that provide similar capability that non-hackers could subscribe to. It might be easier or harder to accomplish depending on the mobile operator, he said.

Any 15-year-old that knows how to write a simple script can find a VoIP provider that spoofs caller ID and set this up in about 30 minutes," Mitnick said. "If you're not adept at programming, you could use a spoofing service and pay for it."

So... If you want to avoid having anyone use Caller ID Spoofing to access your voice mail, you need to change your phone settings to require a PIN even when checking voice mail from your mobile device. Which of course, is a pain. And it doesn't even address the fact that most mobile operators don't authenticate caller ID, CNET points out.

By the way, beyond phone hacking, you might also want to make sure you don't open any PDF documents on your iPhone or iPad: Apple mobile users are vulnerable to malicious code contained in PDF files.

So far, Android devices pose the greatest risk of mobile malware, according to CNN. But Apple's iPhone and iPad are also vulnerable to security flaws.

"Apple mobile users who download PDF files currently risk letting cybercriminals access their confidential information, intercept phone conversations or take over other aspects of their device. There is no evidence yet that cybercriminals have done this, but it could happen easily," CNN reports.

Apple says it's working to fix the bug, but there is no word from the Cupertino company on how long the vulnerability has existed, or even exactly when it will fix the problem.

Melanie Rodier has worked as a print and broadcast journalist for over 10 years, covering business and finance, general news, and film trade news. Prior to joining Wall Street & Technology in April 2007, Melanie lived in Paris, where she worked for the International Herald ... View Full Bio
Comment  | 
Print  | 
More Insights
More Commentary
Shared Reporting Services on the Horizon, Genpact Predicts
The financial services industry is starting to adopt shared services, resulting in reasonable impacts to the bottom line. Genpact expects a push for reporting efficiency will come next.
Don't Let the Cloud Rain on Your Operations Strategy Parade
Avoid migrating large applications all at once to minimize risk during a cloud project.
Could Intel Lose Data Center Market Share to ARM Chips?
ARM chips could be an alternative for certain purposes in the datacenter, but many questions have to be answered before they pose a threat to Intel's market dominance.
Cost to Trade: Hey, Banks, Itís Time to Face the Music
Why is calculating the cost to trade so difficult for banks? The answer is as complex as the calculations themselves.
M&A Activity Will Continue to Grow in 2015
Data shows that the M&A market continues to improve, and forecasts indicate deal making will be healthy in 2015.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - Elite 8, October 2014
The in-depth profiles of this year's Elite 8 honorees focus on leadership, talent recruitment, big data, analytics, mobile, and more.
Video