It’s no secret that smartphones are susceptible to malware attacks or
remote hacks because they are almost always connected to the Internet.
One part of the phone though has never been considered as a security
risk – the SIM card. But that is about to change as German cryptographer
Karsten Nohl and his team claim to have successfully found a flaw in
the card and managed to hack it, Forbes reports.
“Give me any phone number and there is some chance I will, a few minutes later, be able to remotely control this SIM card and even make a copy of it,” Nohl confidently says.
“Give me any phone number and there is some chance I will, a few minutes later, be able to remotely control this SIM card and even make a copy of it,” Nohl confidently says.
Explaining the technicalities, Nohl said that the key to hacking
these SIM cards is a programming language called ‘Java Card’, which
phone companies use to send binary SMS to the phone to trigger
Over-the-Air (OTA) programming. Nohl and his team observed that they
could use this programming language coupled with a cryptographic method
called ‘Rainbow Tables’ to crack the encryption key on a SIM card and
send it executable commands.
The team realized that though each network carrier had a unique
encrypted signature, they could still use the aforementioned methods to
hack about half a billion mobile devices across the world. But putting
all the fears to rest, Nohl says there is nothing to worry as cyber
criminals haven’t yet been able to hack SIM cards. It could take them
more than six months to find the flaw using his methods, by which time
the network carriers would have fortified their cards.
