I.D. Rank Security

Decrypting GSM. It is one thing for this to be happening in the shadows. It’s altogether another for an individual or group to be demonstrating and teaching how to eavesdrop on anyone within signal range (http://tinyurl.com/y9obtze).

It is very unfortunate that this time has come. We are in a period of massive electronic attacks from organizations perpetrating theft and terrorism, both from within organizations as well as from abroad. We know the information access has flattened with continual growth of the Internet. Now we have hand held phones which have more power, storage and throughput than the average notebook less than a decade ago, and we are on the verge of large growth of tablets and netbooks with broadband and cellular connection built into their offerings. Anyone feel electronically naked?

Cellular services today, and 4G of tomorrow, either must offer embedded strong encryption and authentication, or organizations and individuals need to address this landscape with add-on capabilities. Consider the following:
• GSM encryption is under global attack.
• SIM cards retain all SMS text messages, even those you believe were deleted.
• VoIP communications are typically not encrypted.
• And we have the need to continue coordinated information access in order to triangulate threats and connect the dots.

We live in an age where a $30 application can intercept video from U.S. military UAV, where $75 dongles can read everything on a SIM card - even those items disabled, and where conferences are held in places such as Kuala Lumpur and San Diego with experts training staff on how to hack Blackberry and Cloud communications, and now where individuals are beating their chest demonstrating how to crack and eavesdrop on GSM. Security can no longer be the red headed stepchild of IT and Telecommunications budgets. When the industry doesn’t provide it, then we have to add it to our solutions.

Let’s take our head out the sand in 2010.