Black Hat: Mobile carriers react quickly to major SIM card vulnerability

When reports were published detailing how vulnerable SIM cards are to attacks, many mobile companies were quick to react, according to the security researcher who discovered the vulnerability.

Just weeks ago, Karsten Nohl, founder of Security Research Labs, announced his findings regarding the massive mobile vulnerability that could affect hundreds of millions of mobile phones worldwide. Knowing the findings would be presented in detail at Black Hat 2013 in Las Vegas created a deadline for mobile carriers, he said.

"Industry was extremely fast to respond to this," Nohl said during his talk on Wednesday. "[They] took away the incentives for criminals to even research this vulnerability by putting in the fix even before we got to demonstrate it."

During the two-year research process, more than 1,000 SIM cards were experimented on by Nohl and his team. The findings revealed a major vulnerability in SIM cards that would allow an attacker to download malicious software onto the victim's SIM card, access data and operate it as the normal owner would.

According to Nohl, the process would start when a miscreant sends a text message to the victim's SIM card, one the victim never sees because it is sent in binary format. While the message attempts to communicate with the SIM card, there are security protocols in place that cause the card to flag the message. The SIM then responds to the attacker's message, and within that response is data that can be decrypted due to the antiquated Data Encryption Standard (DES) technology used by mobile carriers, Nohl said.

Included in the data is a cryptographic signature key that would allow the attacker to upload small applications – known as applets – to the device, giving them complete control of it, Nohl said.

While some mobile carriers brushed off the vulnerability, leading him to believe they didn't look into the issue, Nohl said that a majority of the industry has been extremely constructive working with his team as well as with one another.

"[That] made this a real success story in mitigation," he said. "It is a new research field that generated the first, not the last, results of its kind."