Story of the Greek Wiretapping Scandal
I’ve blogged a few times about the Greek wiretapping scandal. A system to allow the police to eavesdrop on conversations was abused (surprise, surprise).
Anyway, there’s a really good technical analysis in IEEE Spectrum this month.
On 9 March 2005, a 38-year-old Greek electrical engineer named Costas Tsalikidis was found hanged in his Athens loft apartment, an apparent suicide. It would prove to be merely the first public news of a scandal that would roil Greece for months.
The next day, the prime minister of Greece was told that his cellphone was being bugged, as were those of the mayor of Athens and at least 100 other high-ranking dignitaries, including an employee of the U.S. embassy. [See sidebar “CEOs, MPs, & a PM.”]
The victims were customers of Athens-based Vodafone-Panafon, generally known as Vodafone Greece, the country’s largest cellular service provider; Tsalikidis was in charge of network planning at the company. A connection seemed obvious. Given the list of people and their positions at the time of the tapping, we can only imagine the sensitive political and diplomatic discussions, high-stakes business deals, or even marital indiscretions that may have been routinely overheard and, quite possibly, recorded.
[…]
A study of the Athens affair, surely the most bizarre and embarrassing scandal ever to engulf a major cellphone service provider, sheds considerable light on the measures networks can and should take to reduce their vulnerability to hackers and moles.
It’s also a rare opportunity to get a glimpse of one of the most elusive of cybercrimes. Major network penetrations of any kind are exceedingly uncommon. They are hard to pull off, and equally hard to investigate.
See also blog entries by Matt Blaze, Steve Bellovin, and John Markoff; they make some good security points.
EDITED TO ADD (10/22): More info:
The head of Vodafone Greece told the Government that as soon as it discovered the tapping software, it removed it and notified the authorities. However, the shutdown of the equipment prompted strong criticism of Vodafone because it had prevented the authorities from tracing the taps.
derf • July 10, 2007 1:24 PM
We just don’t have enough imagination in congress to keep this from happening. If law said that the head of any government agency and/or telecom corporation involved in illegal wiretapping be required to listen to every illegal recording made by them in a loop for the rest of their natural life, we just might see a bit less enthusiasm for CALEA and a little more support for privacy rights.