Photo

Reuters Photojournalism

Our day's top images, in-depth photo essays and offbeat slices of life. See the best of Reuters photography.  See more | Photo caption 

Photo

Berlusconi's women

A look at the women linked to former Italian Prime Minister Silvio Berlusconi.  Slideshow 

Photo

Harvesting tobacco

With the increasing health concerns with smoking in the U.S., traditional tobacco farmers sell their crop to growing markets outside the country.  Slideshow 

Sponsored Links

Hacking expert says mobile firms moved fast to fix cyber bug

Related Topics

LAS VEGAS | Wed Jul 31, 2013 8:26pm EDT

LAS VEGAS (Reuters) - A well-known security expert said mobile carriers have quickly protected customers from a security bug that he revealed 10 days ago and that he estimated had put more than 500 million phones at risk of cyber attacks.

Karsten Nohl, chief scientist with Berlin's Security Research Labs, led a research team at the German firm that figured out a way to remotely gain control of and also clone some mobile SIM cards.

"Pretty much every carrier we have spoken to has fixed it," Nohl said in advance of a talk late Wednesday afternoon at the Black Hat hacking conference in Las Vegas.

The team was the first to accomplish the hacking feat, which has long been a Holy Grail of mobile hackers. The tiny, highly secured devices are located in phones and allow operators to identify and authenticate subscribers as they use networks.

He discussed that three-year research effort late Wednesday afternoon in one of the most anticipated talks at Black Hat, a conference where some 7,000 security professionals gathered to hear about the latest risks posed by hacking.

Nohl said at a news conference prior to that talk that he would not be able to demonstrate part of his technique for attacking SIM cards because he had prepared to show it on SIMs from five carriers, but that all five carriers had made changes to prevent them from being hacked.

Nohl is a so-called "white hat," or a hacker who figures out how to attack things in a bid to find vulnerabilities so that companies can fix bugs before criminals can exploit them.

He told Reuters that he was pleased that they had implemented the fix before his demonstration because that means they are ahead of criminal hackers, who could use compromised SIMs to commit financial crimes or engage in electronic espionage.

Nohl said that carriers have used methods to fix the bug in SIM cards without having to physically replace them, which would have been quite costly.

He said he was not sure whether all carriers around the world have fixed the bug, but that he had checked with many major carriers and that they had gone ahead and taken care of the security problem.

(Reporting by Jim Finkle; Editing by Ken Wills)

 
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (0)
Be the first to comment on reuters.com.
Add yours using the box above.