Bruce Schneier


Schneier on Security

A blog covering security and security technology.


March 01, 2006

More on Greek Wiretapping

Earlier this month I blogged about a wiretapping scandal in Greece.

Unknowns tapped the mobile phones of about 100 Greek politicians and offices, including the U.S. embassy in Athens and the Greek prime minister.

Details are sketchy, but it seems that a piece of malicious code was discovered by Ericsson technicians in Vodafone's mobile phone software. The code tapped into the conference call system. It "conference called" phone calls to 14 prepaid mobile phones where the calls were recorded.

More details are emerging. It turns out that the "malicious code" was actually code designed into the system. It's eavesdropping code put into the system for the police.

The attackers managed to bypass the authorization mechanisms of the eavesdropping system, and activate the "lawful interception" module in the mobile network. They then redirected about 100 numbers to 14 shadow numbers they controlled. (Here are translations of some of the press conferences with technical details. And here are details of the system used.)

There is an important security lesson here. I have long argued that when you build surveillance mechanisms into communication systems, you invite the bad guys to use those mechanisms for their own purposes. That's exactly what happened here.
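One check a practitioner would want after an incident like this: reconcile every active intercept against the warrant records, and look for the pattern the post describes (many targets funnelled to a handful of monitoring numbers). The script below is an added example, not code from the original post or from Vodafone or Ericsson; the record layout, field names and sample numbers are constructed for illustration, since real lawful-interception management systems export their configuration in vendor-specific formats.

```python
"""Reconcile active lawful-intercept (LI) targets against an authorised warrant registry.

Added example. Record formats, field names and all numbers below are constructed;
they are not taken from the Vodafone Greece case or from any Ericsson product.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Intercept:
    target: str      # monitored subscriber (MSISDN)
    monitor: str     # number the call is "conference-called" to for recording
    warrant_id: str  # warrant reference stored with the intercept; "" if none recorded


# Constructed sample export of the active intercept table.
ACTIVE_INTERCEPTS = [
    Intercept("+302101000001", "+306900000001", "W-2006-017"),
    Intercept("+302101000002", "+306900000001", "W-2006-018"),
    Intercept("+302101000003", "+306900000002", ""),            # no warrant at all
    Intercept("+302101000004", "+306900000002", "W-2006-999"),  # warrant id not in registry
    Intercept("+302101000005", "+306900000003", "W-2006-017"),  # warrant issued for a different target
]

# Constructed warrant registry: warrant id -> (approved target, approved monitoring number).
WARRANTS = {
    "W-2006-017": ("+302101000001", "+306900000001"),
    "W-2006-018": ("+302101000002", "+306900000001"),
}


def unauthorized_intercepts(intercepts, warrants):
    """Return every intercept whose (target, monitor) pair is not backed by a matching warrant.

    A warrant id that is missing, unknown, or issued for another target/monitor
    number all count as unauthorised: the intercept table is never trusted on its own.
    """
    flagged = []
    for ic in intercepts:
        approved = warrants.get(ic.warrant_id)
        if approved is None or approved != (ic.target, ic.monitor):
            flagged.append(ic)
    return flagged


def suspicious_monitor_numbers(intercepts, warrants, min_targets=2):
    """Monitoring numbers that collect at least `min_targets` unauthorised targets.

    Returns {monitor_number: count}. A few numbers each receiving many targets is
    the 'shadow number' pattern described in the post.
    """
    counts = Counter(ic.monitor for ic in unauthorized_intercepts(intercepts, warrants))
    return {m: n for m, n in counts.items() if n >= min_targets}


if __name__ == "__main__":
    for ic in unauthorized_intercepts(ACTIVE_INTERCEPTS, WARRANTS):
        print(f"UNAUTHORISED target={ic.target} monitor={ic.monitor} warrant={ic.warrant_id or '<none>'}")
    for monitor, n in suspicious_monitor_numbers(ACTIVE_INTERCEPTS, WARRANTS).items():
        print(f"SHADOW-NUMBER CANDIDATE {monitor} collects {n} unauthorised targets")
```

The check is only as good as the warrant registry it reads, which must live on a system the intercept operators cannot write to; if the same account can edit both the intercept table and the warrant list, the reconciliation proves nothing.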

UPDATED TO ADD (3/2): From a reader: "I have an update. There is some news from the 'Hellenic Authority for the Information and Communication Security and Privacy' with a few facts, and I got a rumor that there is a root backdoor in the telnetd of Ericsson's AXE. (No, I can't confirm the rumor.)"

Posted on March 01, 2006 at 08:04 AM


Comments

The technical committee that examined the issue concluded that the "intruders" must have had physical access; there was no way this could have been done remotely. So it's an insider thing.

Link (in Greek, unfortunately, but you can translate at systran.otenet.gr):
http://www.enet.gr/online/online_hprint.jsp?q=%F5%F0%EF%EA%EB%EF%F0%DD%F2&a=&id=80225496

Posted by: Dimitris Andrakakis at March 1, 2006 09:06 AM


@Dimitris:

Thanks for that additional info.

This underlines the point that "law enforcement" backdoors invite insider abuse.

Posted by: Andre LePlume at March 1, 2006 09:09 AM


Although it is partly an insider attack, keep in mind that those avenues are always open...

In the original Latin...

"Nihil tam munitum quod non expugnari pecunia possit" --Cicero

or "No fortress is so strong it cannot be taken by money" ...

You can always buy an insider for the physical access part. If you are ingenious enough, you only need to buy the insider once, and if you are really ingenious, the insider doesn't even know what they enabled.

In this case, without the lawful intercept system, the damage an insider could have done would have been much more limited.

Posted by: Chris S at March 1, 2006 09:18 AM


So, Vodafone detected this abuse of their mandated lawful intercept backdoor through 'routine' software controls. That's an interesting explanation -- and raises some questions of its own.

But I'm more interested in:

Who were the attackers/eavesdroppers?
Is it known what the eavesdroppers heard?
Have there been arrests?

Posted by: Flo at March 1, 2006 10:05 AM


When the police can coerce a communication service into giving them a backdoor, they will also force them to prevent an audit trail. Why? Because the police will want to spy without the impediments of warrants. When they find somebody dirty, then they can dummy up some evidence to show the judge to get the warrant, then use the warrant-supported surveillance in court to convict the dirty guy.

Our FBI calls their own illegal unwarranted surveillance 'intel', as opposed to 'evidence', which they can use in court.

Because there is no audit trail, the system is open to anyone who learns how to get in.

Our judiciary subscribes to the idiotic premise that the police cannot uphold the law without breaking it first. I submit that this is the root of all evil.

Posted by: Roy at March 1, 2006 11:46 AM


@Dimitris Andrakakis

I call bull. This could definitely be done without physical access. Telephone exchanges are essentially large computers. Everything is remotely accessible. Doing so without insider knowledge would be difficult, but not nearly impossible, depending on the level of security of the network. The one thing which would often be done with local access would be the installation/activation of the lawful interception software.

Please note also, that the papers given by Bruce do not describe the monitoring system. They describe the monitoring _management_ system. That would be a physically separate computer. The claim that the software was installed secretly wouldn't really match with an extra HP workstation suddenly appearing.

It is possible that the standard switch software used in Greece has the needed MML commands, but the IMS itself wasn't installed. The intercepts would have been configured manually. Note that the Ericsson architecture described in the documents means that if there wasn't a central IMS, the attackers had access to every individual switch in the network (10s across different cities) or at least several (required just to monitor subscribers moving around Athens).

I do not understand the bit about the interception only being active when the phones were calling. How do you know the phone is calling if there isn't an interception set up? Maybe it just means "if nobody was calling, then they weren't monitoring the call" which is kind of obvious.

Given what we've heard so far, which seems quite skillful, I wonder what they would have found if they did locate the phones? A secure room with a high speed internet connection? Data being uploaded to zombies in a different country?

Posted by: moz at March 1, 2006 03:28 PM


...another case to show the usefulness of end-to-end encryption of (mobile) communication... these people are just insane to allow a prime minister and other officials to use normal mobile phone equipment...

Posted by: Collin at March 1, 2006 04:02 PM


@moz:

Interesting analysis, thanks.

"...if they did locate the phones? A secure room with a high speed internet connection?"

Perhaps going out over WPA2 encrypted 802.11g over a 20 dBi flat panel antenna mounted sideways, to give +/-45° vertically and 10° horizontally. With the antenna mounted on a rotatable shaft, and the moment the burglar alarm triggers, a solenoid switches off and a falling weight rotates the mast to a random direction. The GSM modems, 802.11 base and glue logic are sitting in a cheap fire-resisting safe lying on its back (antenna cables and power running out the bolt-down holes), and seconds later the thermite turns it all to slag.

Posted by: Roger at March 1, 2006 11:19 PM


I've heard some rumors about telnetd on Ericsson's AXE platform having a backdoor, something like the old "service accounts"... see my link for details.

The newspaper "Ta Nea" says that "maximum 10 people at Ericsson and Vodafone" had access to the systems.

Tried to post a trackback, but all I get is "You are pinging trackbacks too quickly. Please try again later." even though I haven't sent a trackback here in weeks.

Posted by: betabug at March 2, 2006 02:35 AM


@moz:

I'm by no means a security expert, much less a telco one. This is a conclusion from the Authority for the Information and Communication Security and Privacy.

Posted by: Dimitris Andrakakis at March 2, 2006 03:44 AM


Hm.. I don't know!

Posted by: Jax at March 2, 2006 09:42 AM


Dear Sir,

I want to know Mr Bruce Schneier.

Why? He has been my hero since I started to learn about cryptography. And now, I am writing on cryptography as my project. I need his technical assistance; it's a lot of units, this project work, and I want to score an "A".

My name is Nathan O. Justice

Posted by: Anonymous at May 3, 2006 02:07 PM

