Cellular SIM cards are vulnerable



Subscriber Identity Module cards, also known as SIM cards, the basic tools used to identify mobile subscribers, are increasingly turning into our most personal possession. They have access to our personal information and bank accounts, and are considered to be one of the most secure systems ever created.

But a German company named Security Research Labs has found a way to hack SIM cards that enables malicious use of the personal information stored on them.

“Basically, a SIM card has an Operating System of its own”, explains Omer Harel, former CTO at ORT, an Israeli importer of SIM-cards made by German supplier Giesecke & Devrient, and currently CTO of MER Group’s telecom division. “That OS enables the execution of various operations, one of which is Over-the-Air (OTA) updates through mobile operator initiated SMS messages”.

This OTA update protocol is what enabled the German company to gain access to the cards. According to a description posted to the firm’s website about a week ago, it figured out a way to send a special “binary” SMS to mobile devices, which causes many of them to send back an error message containing the SIM card’s security signature in a form that can be cracked by a regular computer in 2 minutes. The attacker can then send the target device a second “binary” SMS, this time carrying the appropriate signature, which makes the SIM execute the commands in the message.


The implications of this discovery are overwhelming: “The card has a very deep access to your phone, and anyone who gains access to it can tap your calls, or even make calls and messages with your number and with you paying for it – all without you or your device knowing”, says Harel.

According to Security Research Labs, out of more than 7 billion SIM cards currently in use around the world, hundreds of millions are susceptible to this attack. The company said it will reveal the full research at the Black Hat conference this Tuesday.

Are you one of those hundreds of millions at risk? If you live in Israel, or any other developed nation, the answer is most probably not. This is because the attack exploits security weaknesses in the old DES encryption standard. When contacted for comment, both Israeli mobile operators Pelephone and Partner said none of their subscribers have cards using this outdated security standard. Cellcom, the third member of Israel’s large mobile operators club, declined to comment, but according to Harel, there is very little chance that cards relying on less than Triple DES encryption are in use in the country.