Posted by: Ron Miller
Anonymous, cell phones, Security
Last month the FBI and their UK counterparts at the Metropolitan Police had a phone conference to discuss strategies for dealing with the hacker group Anonymous. Trouble was Anonymous tapped into the conversation, recorded it and published it on the Internet. Talk about embarrassing.
Talk about preventable.
How could they have prevented this situation, you might be asking? By encrypting their communication to prevent this kind of eavesdropping, that’s how.
While I was visiting CeBIT recently, the enormous technology trade fair that takes place each March in Hanover, Germany, I learned about a company that encrypts cell phones and other types of phone communication.
The German company is called Secusmart, and it has developed technology to add voice encryption to land lines and cell communications — and according to a spokesperson, it works with SMS messages too. So far, their customers include German government authorities, Nato and EU government entities.
The company says it can secure a phone system onsite or it can encrypt calls coming from a mobile phone using a MicroSD card, which works on all phones that have MicroSD card slots including Blackberry and Android phones (but not iPhones, which don’t have such a slot).
The solution offers end-to-end encryption, assuming both parties are using the solution. If they are not, they still get partial protection on the device where the card is installed. According to Secusmart, the encryption happens in real time and if your call is encrypted, there is a message on the phone indicating this, so there is no room for mistakes.
The company claims the encryption has no impact on call quality, but they admit that it’s not cheap (although they didn’t give a price during a meeting with the press). The spokesperson also said there is no backdoor into the system because as he said, “An insecure-secure product is worthless.” True enough.
When someone taps into the phone call, all they will hear is white noise. What’s more, Secusmart solutions also validate who you are talking to avoid “man in the middle” attacks where someone intercepts the call and claims to be the person you are calling.
It’s a technology that the US and British law enforcement officials might have thought to have in place to prevent the kind of embarrassment they faced when Anonymous was able to listen to their conference call.
If they had Secusmart technology (or something similar) in place, Anonymous would presumably have only heard white noise, not the text of the entire conversation.
But this technology is not just for law enforcement. Companies who have sensitive discussions about business matters over phone lines also should be worrying about this. With hacking and espionage seemingly everywhere, you have to at least consider equipping your high-level executives with this technology, and depending on your business, perhaps the entire company communications system.
It could protect your company from prying ears — and chances are they are out there listening, whether you know it or not.