Mobile phone surveillance: Who’s listening to your calls?

In the current digital world, espionage is much more common than we think. Revelations from Edward Snowden that the NSA hacked SIMs to spy on mobile conversations prove that physical proximity is no longer necessary for surveillance.

Mobile devices make ideal tools for surveillance because so many of them include microphones, cameras, GPS, WiFi, or storage capacity. Hackers can easily keep watch on their victims simply by infecting a mobile phone or interfering with wireless communications – often without cutting-edge technology.

So while the benefits of increased online and mobile working are widely accepted – and these include ubiquitous access to information, flexibility, and improved productivity – are companies aware of the risks and more importantly prepared to step up and manage them?

How does mobile surveillance work?

The thing about mobile surveillance is that it is usually a targeted attack, with the objects of the surveillance preselected. Top executives and politicians, for instance, are often targeted because they manage strategic plans that have great economic impact. Attacks of this kind tend to include social engineering strategies and are very often associated with advanced persistent threats.

The simple truth is that a mobile ecosystem requires a permeable security perimeter through which legitimate communications can flow. However, criminal organisations can make use of these channels to steal information or sabotage the corporate infrastructure. Implementing an enterprise mobile strategy involves a higher degree of vulnerability, which can and should be efficiently managed. Let’s look at some of the techniques used in cellphone surveillance:

How is voice communication intercepted?

There are a number of ways in which voice communication can be intercepted. These include:

Interception of public mobile networks

2G networks are not a secure communication channel. Hackers can use jamming devices (jammers) to force a downgrade from 3G or 4G networks to 2G, and then listen in with specialised devices.

Man in the middle

ARP (Address Resolution Protocol) spoofing can allow an attacker to intercept data frames on a network, and to modify or stop all traffic. It is also possible to intercept communications by means of rogue hotspots or antennas. SSLStrip can then force a victim's device into communicating with an adversary, replacing HTTPS with plain-text HTTP.
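From the defender's side, ARP spoofing shows up as an IP address whose MAC binding changes, or as one MAC address answering for several IPs. The following is an added example, not part of the original article: it runs that check over a constructed list of observed ARP replies, and the function name, alert fields and sample addresses are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (timestamp, sender IP, sender MAC) from observed ARP replies.
SAMPLE_ARP_REPLIES = [
    (1.0, "192.168.1.1", "aa:aa:aa:00:00:01"),   # gateway, genuine binding
    (2.0, "192.168.1.20", "bb:bb:bb:00:00:20"),  # workstation
    (3.0, "192.168.1.1", "cc:cc:cc:00:00:66"),   # gateway IP claimed by another MAC
    (3.5, "192.168.1.20", "cc:cc:cc:00:00:66"),  # same MAC also claims the workstation
    (4.0, "192.168.1.30", "dd:dd:dd:00:00:30"),  # unrelated host, no conflict
]


def find_arp_conflicts(replies, pinned=None):
    """Return alerts for IP/MAC bindings that change or overlap.

    `pinned` is an optional {ip: mac} map of known-good bindings (for example
    the default gateway), so a spoofer that is already active when monitoring
    starts is still caught on its first reply.
    """
    ip_to_mac = {ip: mac.lower() for ip, mac in (pinned or {}).items()}
    mac_to_ips = defaultdict(set)  # every IP each MAC has claimed so far
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        expected = ip_to_mac.setdefault(ip, mac)  # first binding seen wins
        if expected != mac:
            alerts.append({"ts": ts, "kind": "binding-changed",
                           "ip": ip, "expected": expected, "seen": mac})
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            alerts.append({"ts": ts, "kind": "mac-claims-multiple-ips",
                           "mac": mac, "ips": sorted(mac_to_ips[mac])})
    return alerts


if __name__ == "__main__":
    for alert in find_arp_conflicts(SAMPLE_ARP_REPLIES):
        print(alert)
```

Binding changes also occur legitimately (DHCP reassignment, replaced network cards, failover pairs), so these alerts are a starting point for triage rather than proof of interception.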

Risks in the Public Switched Telephone Network (PSTN)

Communications are unencrypted – as in the case of voice and SMS text – while they go through the core operator infrastructure. Other risks are uncontrolled call forwarding and spoofing.

Malware installed on the device

Malware can intercept packets between the call application and the operating system, or even capture the voice directly by accessing the microphone's software drivers.

What features should a secure call system fulfil?

A secure call system digitises and encrypts the voice, then transmits it in data packets over the mobile data network. The product should combine telephone and messaging protection, powered by security mechanisms and advanced point-to-point encryption technologies compatible with IP communication.

So what can companies and individuals do to secure calls?

Secure the smartphone

There are two kinds of secure smartphone. The first is a device built from the ground up with specific hardware and a secured OS. The second is a popular device that comes with a pre-installed secured OS. In both cases, the secured OS consists of high-end mobile threat protection components, containerisation, encrypted storage, remote management, and an authentication system. These are usually the most expensive solutions and less flexible.

Secure add-ons

These are physical components, such as smartphone cases or SD memory cards, that handle voice encryption by means of an encryption processor included in the add-on itself. It wouldn’t matter if the device itself became infected, since the information passes through the component encrypted.

Secure call apps

These apps allow users to make end-to-end encrypted phone calls from the most popular mobile OSs. The user experience is similar to the pre-installed non-secure call application. Contacts and messages are encrypted and stored by the app itself.

What does an optimal solution look like?

In a general corporate setting, hardware solutions can be difficult to deploy as they require a different smartphone model, a second smartphone or some kind of attached hardware. This may discourage users from making calls and may generate a false sense of security in the security department. As a result, hardware solutions are not especially suitable for a general business. These solutions may be helpful for a limited group of senior managers or for the most security-demanding environments such as the military, government, or companies that need the highest level of protection.

Edward Snowden brought to light the need to protect company communications, and to update security to the digital age – against malware, network attacks, exploits or any other type of attack that could impact businesses significantly. Secure call applications combined with advanced threat protection are far cheaper and more user-friendly than a secure smartphone, and can be managed through mobile device management.
Eliminating surveillance doesn’t have to be complex, and businesses need to bake security prevention into their company policy from the off.

Francisco Oteiza – Global Product Manager in Mobile Security at Telefónica