Voicemail spying shows phone network weak spots

Jul 07, 2011 By JORDAN ROBERTSON and RAPHAEL G. SATTER , Associated Press

The voicemail tampering scandal engulfing Rupert Murdoch's News of the World tabloid demonstrates not only the vulnerability of phone networks, but also the fallibility of the people who help maintain them.

The British tabloid is accused of breaking into voicemail accounts of various celebrities and dignitaries -and even crime victims and their families- in a relentless hunt for scoops.

Those accused of hacking on behalf of Murdoch's publication were alleged to have employed a variety of ruses. Glenn Mulcaire, the private investigator at the center of the scandal, once targeted members of Britain's royal household by duping phone operators into handing over their personal codes. Those PIN codes in turn allowed him and tabloid journalist Clive Goodman to listen in on the royal family's voicemails.

Many of the methods that phone hackers use are surprisingly low-tech.

"Pretexting" is a common technique for fooling company representatives into giving up a customer's private account information. A pretexting scheme works like this: A hacker calls up the telephone company pretending to be his victim. An agent asks for personal information, such as mother's maiden name or a pass code, to determine the person's identity. The customer service rep then surrenders call logs or passwords if the information is convincing enough.

Perhaps the most famous example of pretexting emerged in 2006 when it was revealed that Co. was spying on journalists and its own board members by hiring private investigators to retrieve their phone logs. The practice was already illegal in the U.S., but was common in the world of private investigations because prosecutions were rare. After the HP debacle, new federal legislation clarified the penalties. Anyone found guilty of pretexting in the U.S. could face up to 10 years in prison.

Knowing bits of key information -such as a Social Security number, names of family members on the accounts - can help a hacker establish credibility in pretexting attacks. Having access to the target's e-mail account can be valuable as well.

In other cases in Britain, all journalists had to do was dial directly into victims' phones and enter a default or easy-to-remember password, such as "1111," to gain access to their voicemails.

The News of the World fiasco has led to prison terms for an investigator and a former reporter for the tabloid, caused several major companies to pull advertising. It is complicating Murdoch's attempt at a multibillion-pound (dollar) takeover of British Sky Broadcasting, which some in government now insist should be blocked because of the hacking incident.

Authorities say tabloid staffers may have interfered with police investigations by hacking into the cellphone of a 13-year-old girl who was eventually found murdered. The staffers are also being investigated on allegations of tampering with phones of victims of the July 7, 2005, terrorist attacks in London, which killed 52 people.

Just as many people are surprised by how easy it is to hack into someone's Internet e-mail account - the "forgot my password" feature is reviled by many security professionals- it may be surprising as well that phone accounts aren't much safer.

Unlike an ATM withdrawal that requires a bank card and a PIN code, voicemail typically only requires a PIN code.

Today, we simply store too much information and don't take enough advantage of technologies such as voice recognition, for instance, that could better secure voicemail, said Mark Rasch, director of cybersecurity and privacy consulting for Computer Sciences Corp.

"The four-digit PIN will someday die, but I can't tell you when," Rasch said. "Businesses still like it, and people like it because it's easy and easy to remember. But it's only easy and easy to remember if you use the same PIN for everything - and once you do that, if you've compromised it one place, you've compromised everywhere."

If all else fails, hackers can sometimes purchase phone information. Britain's Guardian newspaper has reported allegations that other investigators paid bribes to obtain information from Britain's police database, the drivers' licensing agency, and cell phone companies.

The phone numbers and passwords were obtained in industrial quantities. Last year Scotland Yard said that some 4,000 names, 3,000 cell phone numbers and nearly 100 passwords had been found in Mulcaire's notes when he was arrested.

Explore further: Four questions about missing Malaysian plane answered

5 /5 (1 vote)
add to favorites email to friend print save as pdf

Related Stories

New arrest in UK phone hacking scandal

Jun 27, 2011

(AP) -- Britain's Press Association news agency said Monday one of its reporters was arrested by detectives investigating a widening phone hacking scandal.

Thousands to be contacted in UK hacking case

Feb 09, 2011

(AP) -- British police revealed Wednesday it would contact thousands of people whose cell phones may have been targeted by the News of The World tabloid, an indication of the scale of the scandal at the heart of Rupert Murdoch's ...

Britain shocked by hacking into slain girl's phone

Jul 05, 2011

(AP) -- Britain's long-running phone hacking scandal has taken a sickening twist, with claims that a tabloid newspaper hacked into the phone mail of an abducted teenage girl and may have hampered the police ...

UK phone-hacking 'targeted ex-premier Brown'

Jan 23, 2011

Britain's opposition Labour party called Sunday for a fresh police probe into phone-hacking by journalists, amid reports that former prime minister Gordon Brown was among the high-profile figures targeted.

Researchers show how to use mobiles to spy on people

Apr 22, 2010

(PhysOrg.com) -- Researchers have demonstrated how it is possible to use GSM (Global System for Mobile communications) data along with a few tools to track down a person’s mobile phone number and their location, ...

Recommended for you

Four questions about missing Malaysian plane answered

14 hours ago

Travelers at Asian airports have asked questions about the March 8 disappearance of Malaysia Airlines Flight 370 while en route from Kuala Lumpur to Beijing. Here are some of them, followed by answers.

Under some LED bulbs whites aren't 'whiter than white'

Apr 18, 2014

For years, companies have been adding whiteners to laundry detergent, paints, plastics, paper and fabrics to make whites look "whiter than white," but now, with a switch away from incandescent and fluorescent lighting, different ...

Freight train industry to miss safety deadline

Apr 16, 2014

The U.S. freight railroad industry says only one-fifth of its track will be equipped with mandatory safety technology to prevent most collisions and derailments by the deadline set by Congress.

User comments : 0

More news stories

Ex-Apple chief plans mobile phone for India

Former Apple chief executive John Sculley, whose marketing skills helped bring the personal computer to desktops worldwide, says he plans to launch a mobile phone in India to exploit its still largely untapped ...

Airbnb rental site raises $450 mn

Online lodging listings website Airbnb inked a $450 million funding deal with investors led by TPG, a source close to the matter said Friday.

Health care site flagged in Heartbleed review

People with accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the ...

A homemade solar lamp for developing countries

(Phys.org) —The solar lamp developed by the start-up LEDsafari is a more effective, safer, and less expensive form of illumination than the traditional oil lamp currently used by more than one billion people ...

NASA's space station Robonaut finally getting legs

Robonaut, the first out-of-this-world humanoid, is finally getting its space legs. For three years, Robonaut has had to manage from the waist up. This new pair of legs means the experimental robot—now stuck ...

Filipino tests negative for Middle East virus

A Filipino nurse who tested positive for the Middle East virus has been found free of infection in a subsequent examination after he returned home, Philippine health officials said Saturday.

Egypt archaeologists find ancient writer's tomb

Egypt's minister of antiquities says a team of Spanish archaeologists has discovered two tombs in the southern part of the country, one of them belonging to a writer and containing a trove of artifacts including reed pens ...