We're in your routers, hacking your Government
July 17, 2007 4:31 AM

The Athens Affair. An IEEE Spectrum article on the Vodafone Greece phone-tapping case, quite possibly the most elaborate publicized cybercrime ever (previously).
posted by costas (28 comments total) 6 users marked this as a favorite
 
When's the movie coming out?
posted by Anything at 5:08 AM on July 17, 2007


Great find.
posted by srboisvert at 5:12 AM on July 17, 2007


The Yorkshire Ranter has done some good occasional commentary on this. (and is a generally damn fine blog to boot).
posted by vbfg at 5:26 AM on July 17, 2007


You had to get to the bottom of the third page before they admitted that it was a GSM system that got hacked.
posted by Steven C. Den Beste at 6:02 AM on July 17, 2007


The only thing I could think after reading that is that it *must* already have happened / be going on in some US carriers, in one form or another.
posted by allkindsoftime at 6:03 AM on July 17, 2007


"The only thing I could think after reading that is that it *must* already have happened / be going on in some US carriers, in one form or another."

You're insane! The US government would never, never! Wire-tap the phones of Americans. What an outrageous statement...

* goes off to weep quietly in corner.*
posted by From Bklyn at 6:18 AM on July 17, 2007


Exciting!
posted by tcp at 6:18 AM on July 17, 2007


How did I miss this when the news broke? What a fascinating story—thanks, Costas.
posted by misteraitch at 6:26 AM on July 17, 2007


"You had to get to the bottom of the third page before they admitted that it was a GSM system that got hacked."

It's kind of a given considering it happened, y'know, in that part of the world where all the networks are GSM. What other kind of network would it have been? I don't think "admitting" that is at issue.
posted by majick at 6:28 AM on July 17, 2007


Has anyone determined why they targeted Greek politicians?
posted by Pastabagel at 6:49 AM on July 17, 2007


Pastabagel: as far as I know, and I've been trying to follow this case, no one has any idea of who was behind these (or at least hasn't said so in public). There was some early hinting (if you follow the links from the original MeFi post) that some US agency was behind this. However, the techie details in the Spectrum article make the Intracom theory (mentioned in the Spectrum article near the end) a lot more plausible.

Intracom has had powerful political connections for years (chiefly with the previous government though) and (not accidentally) has been the main contractor for the state phone company, OTE, as well as the biggest mobile operator, Cosmote --Vodafone is #2, despite what Spectrum states. It makes one wonder that if they were involved in the Vodafone breach, whether and how deeply compromised OTE and Cosmote were --or to flip the argument on its head, if that's why so many Cabinet members, the PM and the Army Chiefs of Staff had Vodafone numbers (instead of Cosmote ones).

As Anything said, there is a good movie in here somewhere...
posted by costas at 7:03 AM on July 17, 2007


"You're insane! The US government would never, never! Wire-tap the phones of Americans. What an outrageous statement...

* goes off to weep quietly in corner.*"

Take this for what it's worth, but I worked for a cell phone company back in 98? or so. I was digging around freely available company documents on my computer one day when I saw a notice explaining the company's efforts to comply with a US law or regulation that required phone carriers to allow communications to be tappable, without the carrier's knowledge. So yeah, cell phones, though hard to crack even for techies, have been wide open to the US government for years.
posted by efalk at 7:19 AM on July 17, 2007


"You had to get to the bottom of the third page before they admitted that it was a GSM system that got hacked."

As others have said, there are no non-GSM networks in the area. I don't know why you think it matters, other than you worked for Qualcomm when they were developing CDMA and you have a bug up your ass about GSM.
posted by delmoi at 7:22 AM on July 17, 2007 [1 favorite]


I understand where you are coming from SCDB. The intercepts were even clearer and the text info options were more feature rich and inexpensive than they would have been in the U.S. The thieves also probably made use of some fancy schmancy EU healthcare too. Fucking Michael Moore. So full of shit. Then there is the French...
posted by srboisvert at 7:25 AM on July 17, 2007 [1 favorite]


"But no one has found any recordings, and we don't know how many of the calls were recorded, or even listened to, by the perpetrators."

For all we know the hackers were listening to phone calls for kicks. Personally, I would have tapped Winona Ryder, not the Prime Minister, but you know, whatever.

When you talk on the telephone you probably ought to assume anybody can hear it. Just exactly like when you send somebody an e-mail, you assume anybody can read it.
posted by bukvich at 7:39 AM on July 17, 2007


"You had to get to the bottom of the third page before they admitted that it was a GSM system that got hacked."

You let 3 other people post comments that didn't in any way attack GSM before you posted yours. It's like you love GSM or something.
posted by cillit bang at 7:55 AM on July 17, 2007


I got this in my print copy of Spectrum this month...

"You had to get to the bottom of the third page before they admitted that it was a GSM system that got hacked."

Well, I hate to pile on, but really, WTF?

They got physical access and loaded modified software on the switches. Software that covered its own tracks. How is that a GSM issue? Nobody broke anything OTA.
posted by GuyZero at 7:58 AM on July 17, 2007


Clearly, the GSM hardware switch design that allowed itself to be tampered with is inferior to American-class CDMA hardware switches that detonate a small embedded tactical nuke if anyone comes within 5m of it.
posted by CautionToTheWind at 8:22 AM on July 17, 2007


That would explain why my reception on Bell Mobility keeps coming and going.
posted by GuyZero at 8:24 AM on July 17, 2007


Obviously GSM is a failed technology; we should all switch to Nextel's CDMA and have conversations so mind-numbingly boring via push-to-talk that everybody tunes you out, a 21st century Purloined Letter.
posted by Challahtronix at 8:41 AM on July 17, 2007


To inject some Canadian cell-derail--- I got a new CDMA phone recently, Nokia, cheap.
If you're looking for a pay-go deal, here's the coupon for a Nokia 2855i flip phone with PC wireless--- total cost- $57: includes a bluetooth earpiece, charger and $10 airtime credit and $25 President's Choice in-store coupon. (jpg)
posted by acro at 9:09 AM on July 17, 2007


I cannot believe that I can't find a single reference for this, but the Greek case is not the "first rootkit of a phone switch" like all the stories are boasting. In the late 90s the Cali cartel in Colombia set up a counter-intelligence operation that monitored all phone lines in the city of Cali looking for informants, basically turning the switches into their own private NSA. At the time I worked for a computer security firm that sold a firewall widely recognized as the most secure system on the market. One day two gentlemen from South America showed up at our corporate headquarters wishing to buy two copies of our firewall, no training, no service contract. They offered to pay in cash from a suitcase full of it. It was only later that I pieced together who they were representing, when the story hit the papers.
posted by scalefree at 5:32 PM on July 17, 2007


"In the late 90s the Cali cartel in Colombia set up a counter-intelligence operation that monitored all phone lines in the city of Cali looking for informants, basically turning the switches into their own private NSA."

But did they need a rootkit to do it? Given it was in the cartel's backyard, it might have been easier just to pay off the tech support staff.
posted by storybored at 1:43 PM on July 18, 2007


There was talk of a movie coming out of this a year ago, but I have no clue as to whether the plan was followed up.

As for whodunit... One of the shadow phones was apparently making phone calls to Laurel, Maryland, next door to Fort Meade, if you catch my drift. I wrote about the investigations (if you excuse the self-link) back then and not much more about the culprits is definitively known today.
posted by talos at 2:13 PM on July 18, 2007


I like how they got busted because they had bugs in their patches! Har! Hacking central offices ain't for weaklings.
posted by storybored at 2:31 PM on July 18, 2007


"But did they need a rootkit to do it? Given it was in the cartel's backyard, it might have been easier just to pay off the tech support staff."

I've tried every word combination I can think of & I can't find any reference to it at all, so I can't swear which way it was done. But there's also another candidate, the Phone Masters. Again I'm not completely certain they ever installed anything you could consider a rootkit into a switch, but if I ever run into any of them I'll be sure to ask.
posted by scalefree at 7:34 PM on July 18, 2007


That's the first I've heard of the Phone Masters, thanks for the post. I like their modest goal of "owning the telecommunications infrastructure" from coast to coast!

From the sounds of it they got caught breaking into the billing systems rather than the switch itself.

Thinking about it, the number of people who have the knowhow to break into an Ericsson, Nortel or Lucent switch is pretty small. But on the other hand, the switches are highly vulnerable to malevolent members of that small group. The attention that switch vendors pay to security is probably up there with Microsoft circa 2000. (i.e. not so much)
posted by storybored at 9:06 AM on July 19, 2007


I would definitely put them in that group, but I don't specifically remember what systems they were in anymore. It's been a few years since they were around.
posted by scalefree at 4:13 PM on July 19, 2007

