back

Mobile network attack evolution

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:49:34
Language
English
Abstract
Mobile networks should protect users on several fronts: Calls need to be encrypted, customer data protected, and SIM cards shielded from malware.

Many networks are still reluctant to implement appropriate protection measures in legacy systems. But even those who add mitigations often fail to fully capture attacks: They target symptoms instead of solving the core issue.

This talks discusses mobile network and SIM card attacks that circumvent common protection techniques to illustrate the ongoing mobile attack evolution.

The evolution is exemplified by new advanced attack vectors against mobile communication and SIM cards:

Mobile calls and identities are known to be weakly protected, but network progressively rolled out patches to defeat hacking tools. We will discuss — and release — tools to measure whether these changes are effective.

SIM cards were identified as a remote exploitation risk this year: Unnoticed by the victim, an attacker can take control over a card by sending a few binary SMS. Network operators started filtering binary SMS and patched some of their weak SIM card configurations in response to vulnerability research. The talk looks at filtering evasion techniques and discloses new configuration vulnerabilities present in many cards world-wide.

Talk ID
5449
Event:
30C3
Day
1
Room
Saal 1
Start
5:15 p.m.
Duration
01:00:00
Track
Security & Safety
Type of
lecture
Speaker
Karsten Nohl
Luca Melette
Talk Slug & media link
30C3_-_5449_-_en_-_saal_1_-_201312271715_-_mobile_network_attack_evolution_-_karsten_nohl_-_luca_melette

Talk & Speaker speed statistics

Very rough underestimation:
140.6 wpm
782.0 spm
While speaker(s) speak(s):
142.8 wpm
795.1 spm
123.1 wpm
648.4 spm
144.6 wpm
809.2 spm
100.0% Checking done100.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
0.0% Nothing done yet0.0%
  

Work on this video on Amara!

Talk & Speaker speed statistics with word clouds

Whole talk:
140.6 wpm
782.0 spm
simcardphonenetworksnetworkkarstenquestiontoolsyearscardslukasecuritykeyscoursesmstimetodayindustrycouplea5/3applicationattackpeoplebitfilteringtoolapplauseencryptiondatajavasenddessecurethingsbasicallyhelpgsmlucamessagesinstancegoodnumberbreaka5/1prettysignalcountrysixteentriple-desyear
While speakers speak:
142.8 wpm
795.1 spm
simcardnetworksnetworkphonecardskeysyearstoolssecuritytodayapplicationcouplebitencryptionattackindustrytooljavacoursea5/3dessecuremessagesdatafilteringkarstenthingstriple-dessixteengsmfixesstandarda5/1tenbreaksurfacebasicallyhelpattackssendkeyoperatorstimeunderstandingfrequenciesprettylargeyearago
Luca Melette:
123.1 wpm
648.4 spm
simphonelukacurrentlocationcardiphonebtsapplicationnetworknanonormalsecondsbettermobileinstalleddeleteinstalloperatorbestcaseenlargefieldareacell-idbasicallypreciseuser.easyok..finishedcoupletendunnoinfectedmalwareminutessendsuserattackersnumberproofcard.connectingsendingsms'scloseregisterthinkssend
Karsten Nohl:
144.6 wpm
809.2 spm
simcardnetworksnetworkphonecardskeyssecurityyearstoolstodayattackbitencryptionjavacoupletoolindustrycoursedesa5/3securemessagesdatafilteringapplicationattacksfixeshelpgsmbreakstandardtriple-dessixteenthingsa5/1surfacekarstenyearlargetimeapplicationsbasicallyprettyunderstandingfrequenciestenagogoodvulnerabilities