Donate to Science & Enterprise

S&E on Mastodon

S&E on LinkedIn

S&E on Flipboard

Please share Science & Enterprise

Cell Phone User Locations Open to Hackers via Networks

Cell phone tower (Richard Smith/Flickr)Computer scientists at University of Minnesota in Minneapolis have discovered a vulnerability in cellular networks that can allow hackers to follow individual cell phone users without their knowledge. Ph.D. candidate Denis Foo Kune, with fellow student John Koelndorfer and professors Nick Hopper and Yongdae Kim presented their findings earlier this month at the Network & Distributed System Security Symposium in San Diego.

Techniques used by cellular networks to quickly locate their cell phone customers provide the opening hackers — or oppressive governments — need, according to the researchers. Foo Kune says that incoming calls require the network “to locate that device so it can allocate the appropriate resources to handle the call. Your cell phone network has to at least loosely track your phone within large regions in order to make it easy to find it.”

One of those techniques is to have the cell phone towers broadcast a page to the phone, and wait for the device to respond when sent a call, not unlike a CB radio. The network’s maintenance of location data helps speed cell phone connections, and may also be subject to a subpoena from law enforcement authorities.

But that service can also provide an opening to hackers. Unauthorized operators can force a paging signal out through the same network, receive a ping back with the location from the device, and disconnect before the customer’s cell phone starts ringing.

The Minnesota team showed how this kind of surveillance was not only possible, but readily accomplished with everyday equipment and open-source software. With these tools, the researchers were able to track the location of cell phone users without their knowledge who were customers of Global System for Mobile Communications (GSM) networks. GSM is the most used cell phone protocol worldwide, and supported by AT&T and T-Mobile in the U.S.

In their tests, the team tracked the location of a test subject within a 10-block area as the individual traveled across an area of Minneapolis at a walking pace. The researchers used no special equipment, nor did they get any help from the cell phone service provider.

Foo Kune and his group say they contacted AT&T and cell-phone maker Nokia with low-cost mitigation techniques that could be implemented without changing the hardware, and are drafting sample disclosure statements for cellular service providers.

Read more:

Photo: Richard Smith/Flickr

*     *     *

1 comment to Cell Phone User Locations Open to Hackers via Networks