Our phone systems have become incredibly sophisticated, but the security that prevents potential hackers from accessing your phone hasn’t improved.
The equipment and software for a voice over IP phone hack:
A 7-year old Motorola cellular phone
$14 of hardware
A few free applications you could download from anywhere
We know because Karsten Nohl and Luca Meletteused the setup just mentioned to tap into all GPRS voice communications within a three mile radius of their location. They did it to prove a point about the level of protection on wireless networks. Some networks, such as GPRS, have little-to-no protection.
Convenient for You = Convenient for Hackers
We still intuitively feel our phone lines are safe… because many of us are stuck on the notion of phone lines. Even cellular phones were safe previously because they communicated in analog, and the only way to hack into an analog line was to head out to the back of your target’s house and hook up what was called a “butt-in set,” or “butt-set,” to the physical phone line. Only after physically connecting those lines could someone eavesdrop on your calls.
Voiceover IP (Internet Protocol) refers to TCP/IP, which is a language computers use to communicate with each other. If your phone system speaks IP, it is running over the computer network. Speaking in that language gives applications the ability to interact with your phone.
When companies switched over to IP, they standardized the language for convenience, but they also made cellular communications accessible to any hacker with a phone. Your phone can open up applications and access the network; illegal activity on the network can reach out to your phone and access you.
Now, people can eavesdrop on your conversations from anywhere in the world. They can hack the phone and listen for billing information, social security numbers or any data that could be used for a security breach.
You can protect yourself by understanding your phone conversations are not safe. Deliver sensitive information in person. And when browsing the network with your phone, try to navigate to HTTPS:// sites only. You will find HTTPS:// to the left of the web address. This means the website is secure, and your traffic is being encrypted. Wireless network security is improving, but it still has a long way to go.