by Andreea-Luciana Ostache
August 26, 2013
Destroying a myth: the unbreakable SIM card Your personal information, banking and credit card info can all be at risk. If the phrase”SIM card protection” doesn’t ring a bell, then we strongly advise you to keep reading to learn more.
Before we get into explaining how a SIM (subscriber identity module) card can be exploited and why we need to secure it, we must first see what exactly the SIM card is. A SIM card contains:
- A unique serial number (ICCID)
- The international mobile subscriber identity (IMSI)
- The security authentication and ciphering information
- Temporary information related to the local network
- A list of the services the user has access to
- Two passwords: a personal identification number (PIN) for ordinary use and a personal unblocking code (PUK).
When we enter our SIM card into the phone, it will connect us to the network of the carrier and we can start using the phone without knowing or caring much about what happens in the background. However, Karsten Nohl, the founder of Security Research Labs in Berlin, says he has found a flaw in the encryption technology used in some SIM cards. This vulnerability could enable a hijacker to take control of a person’s phone. The encryption is used to disguise the SIM card (the unique serial number). Click here to learn more : http://srlabs.de/sim-card-workshope-ohm2013/
Without advanced protection, hijackers can easily exploit your SIM card
The flaw allows someone to take control of the phone via SMS (short text message) and allows them to install malicious software, obtain personal information, listen to our calls and even make purchases. The problem is even more serious, because there are banking applications, games and other programs and sites that validate accounts via SMS. With this information in hand, there is no knowing how extensive the damage can be, once a SIM card has been hijacked. While most carriers have adopted a stronger encryption method, called Triple DES, there are a significant number of cards still vulnerable. Carriers have been notified of the flaw and are trying to address the issue, but our recommendation is that you secure your phone with a security application that will catch and neutralize any hacking attempts, such as BullGuard Mobile Security
. For your SIM card protection and yours. Posted by Andreea Luciana Ostache