T-Mobile US CSO: Spies jumped from one telco to another in a way 'I've not seen in my career'

While Chinese-government-backed spies maintained access to US telecommunications providers' networks for months – and in some cases still haven't been booted out – T-Mobile US thwarted successful attacks on its systems "within a single-digit number of days," according to the carrier's security boss Jeff Simon. T-Mo's CSO, in …

  1. johnrobyclayton

    Won't Someone Think of the Children

    Surely there are a lot of Chinese investigators looking for CSAM featuring Chinese children being exchanged by American Pedophiles.

    How are they going to be able to do their jobs if the American Government is recommending the use of Encryption Apps?

    1. ForthIsNotDead

      Re: Won't Someone Think of the Children

      Surely there are a lot of Chinese hackers looking to install child pron on anti-Chinese activists' computers and anyone that is critical of the Chinese regime?

      FIFY :-)

      1. Anonymous Coward

        Re: Won't Someone Think of the Children

        Chinese Hacker: "Mwuhahahaaa! I have broken into the computer of this senior official from the incoming administration, time to load it up with compromising material... ah balls it's already loaded up. Is that...? Ew! Gross! Well, I have nothing to do here."

        1. ForthIsNotDead

          Re: Won't Someone Think of the Children

          Have an up-vote, and a beer, sir! -->

        2. heyrick

          Re: Won't Someone Think of the Children

          "time to load it up with compromising material"

          Don't think that would get far these days. The last guy in charge encouraged an insurrection against his own government. Not only was he not punished for it, he's going to be the next guy in charge and is widely expected to pardon those who actively participated.

          Compared to that, don't think there's much they can put on a computer that would make a dent these days...

          1. Anonymous Coward

            Re: Won't Someone Think of the Children

            Photos of them wearing "Vote Hillary" badges.

            Assuming the guy in charge still remembers who Hillary is.

          2. Andrew Scott

            Re: Won't Someone Think of the Children

            Only pardon those that can afford it. He's a lame duck anyways, though we'll see what that means for the future.

  2. Don Bannister

    Is it just me ....

    or does this not show the delightful contradiction with government mandated security weaknesses/backdoors/wiretaps ? "Of course the bad people would never be able to access our spying systems".

    On the one hand you've got:

    "FBI and CISA officials briefed reporters on the massive cyber-espionage campaign, during which China-affiliated snoops successfully broke into several US telecom companies' networks, compromised wiretapping systems used by law enforcement, and used that access to steal customers' call records and metadata."

    And on the other:

    "Encryption is your friend – whether it is on text messaging or if you have the capacity to use encrypted voice communications," CISA's Greene said. "Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible, if not really hard, for them to detect it. So, our advice is to try to avoid using plain text."

    1. Swedish Chef

      Re: Is it just me ....

      I completely agree with you because I'm familiar with the situation and see the contradictions you mention.

      However, were I to base my opinion more on ideology than technical knowledge, I could absolutely see myself thinking that there are no circumstances that can't be changed by a new law or two.

    2. UnknownUnknown

      Re: Is it just me ....

      “ Simon credits T-Mo's layered defense with stopping any espionage attempts targeting his customers and systems.”

      … yet they gained access via a T-Mobile 3rd party/MVNO carrier and it seems managed to compromise the whole network.

      That also seems like a contradiction.

      1. Xalran

        Re: Is it just me ....

        The SEPP (in 5G, it has another name in 4G, and doesn't exist in 2G/3G) is the weak point of a modern mobile network as it handles both the control plane and the user plane transmission towards other networks (mobile or not). Managing to hack the user plane wouldn't do much (you still get data out of individual customers), the real motherlode is being able to break into the control plane (that's where some important databases are) and from there jump into the billing systems (more important data there).

        What worries me the most is the fact that apparently whoever did the original massive breach managed to enter the Lawful Interception systems all over the place.

        From my point of view it means that it managed to hack its way into some federal system that's connected to all the MNOs and from there to hit individual $TELCO.

        That's worrying.

    3. Anonymous Coward

      Re: Is it just me ....

      Let's just save that advice for when some idiot is again trying to score political points by trying to mandate cryptography backdoors.

      That happens roughly every seven years, that's apparently the TTL for sanity.

      1. Zippy´s Sausage Factory

        Re: Is it just me ....

        Someone should start a pro-encryption campaign and keep hammering this advice, keep hammering about fraud losses. And use scare tactics: "without encryption, you could lose everything. Do you really want your kids to be homeless this Christmas? Think of the children - whatever it is, encrypt it."

        That started as a mild jab at the anti-encryption nutters, but it's kind of "ha ha only serious" now.

    4. Xalran

      Re: Is it just me ....

      If you're on a 5G Network it's encrypted all the way to the SEPP in your home network... Including what comes out of the phone.

      If you're on a 4G Network it's partially encrypted up to Internet.

      If you're on a 2G/3G Network voice is encrypted from the phone to the MSC. Data is encrypted from the phone to the Base Station.

      If you can force your phone into 5G-only mode.

      1. Antron Argaiv

        Re: Is it just me ....

        But...at the switch and at the CALEA access point, it's all in the clear (it's a legal requirement).

        1. Xalran

          Re: Is it just me ....

          Not really.

          the CALEA access point is just a Lawful Interception Platform that tells the various network functions [AMF, UPF, UDM, CSCF, PCF, SMSF, ...] that some LEO service is interested in a specific user (usually identified by the IMSI but also eventually by the IMEI) and to send the relevant information to the LEO service. The information is sent through IPSEC VPNs and encrypted flows straight from the network functions (where they are unencrypted internally, which is where the *wiretapping* occurs.)

          1. Antron Argaiv

            Re: Is it just me ....

            ...and, from the hints in TFA, that's what the hackers got access to. So, maybe not as secure as it's advertised to be?

    5. Antron Argaiv

      Re: Is it just me ....

      I'm old enough to remember when The Government was telling us that the private use of encryption was a threat to National Security and one of the primary ways child porn is spread. And even further back, when NSA was actively trying to make private use of encryption illegal (read "Crypto" by Steven Levy).

      How times have changed.

      So...which is it, a Threat to National Security, or strongly encouraged?

      1. Anonymous Coward

        Re: Is it just me ....

        Both: a strongly encouraged threat to national security.

        Don't forget you're dealing with politicians who are entirely comfortable with supporting entirely conflicting concepts simultaneously.

        1. Antron Argaiv

          Re: Is it just me ....

          ...while taking envelopes of cash campaign contributions from industry lobbyists

      2. Anonymous Coward

        Re: Is it just me ....

        So...which is it, a Threat to National Security, or strongly encouraged?

        If you are a criminal democrat seeking information about abortion it's a threat to national security. If you are planning a trip to the Capitol with a few hundred of your closest friends it's recommended.

  3. Yorick Hunt

    Jumped from one telco to another...

    ... Far more easily than what it would take for a subscriber to change services from one telco to another.

    1. Claptrap314

      Another case

      of it being easier to get forgiveness than permission, friend...

  4. david 12

    FIDO2

    AKA Single-Factor-Authentication. Device-Only. Attacker needs the device ("something you have"), but not a password ("something you know").

    1. Swedish Chef

      Re: FIDO2

      Maybe I'm being naive here, but I'd have expected the token to have some kind of protection (such as a PIN code or fingerprint reader).

      1. mmccul

        Re: FIDO2

        Yes, you're being naive. Most FIDO2 credentials I've had set up didn't even offer me the option of creating a PIN.

    2. Teddy the Bear

      Re: FIDO2

      FIDO2 keys are usually used as the second factor in MFA. You'd still need the password ("something you know") as well as the FIDO2 key ("something you have") in order to access the account. The key does not replace the password; it replaces the SMS/authenticator app.

      1. Antron Argaiv

        Re: FIDO2

        I would imagine the FIDO2 key is something integrated into your employee ID badge, as in the military Common Access Card. It would be awfully hard to get hold of one of those and I believe they're smart enough to be re-keyed quickly, so if one is lost, that key (and only that key) is invalidated and a new one assigned while the employee spends some time explaining how they lost their keycard.

        1. Anonymous Coward

          Re: FIDO2

          Yup, that's the worry I have with all the fingerprinting stuff: if someone finds a way to replicate that it'll be quite hard to replace your fingers (it does classify Yakuza habits as accidentally ahead of the curve, though). And no, John Travolta and Nicolas Cage do NOT have a solution for facial recognition, that's just a movie.

          :)

          Bootnote: I do like the deep vein scanners, but they're a tad too bulky to integrate into phones.

      2. mmccul

        Re: FIDO2

        In many cases, unfortunately, the FIDO2 credential is the only credential. No password or PIN associated with it.

        I've learned this the hard way, watching me have to do no more than "click yes, I want to send my FIDO2 credential to login to this site"

      3. Fido

        Re: FIDO2

        Since the telecoms carrying SMS-based second factor authentication were already compromised by foreign agents, I can see how FIDO2 helped T-Mobile avoid being as easily hacked.

        Said another way, if your adversary can already read your text messages, then not only do they know the second factor but you have also told them when and where you are logging in.
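The FIDO2 sub-thread above turns on whether a key is "presence only" or also verified the user with a PIN or biometric. That decision is visible to the relying party, not just to the key: every WebAuthn assertion carries authenticator data whose flags byte records user presence (UP, bit 0) and user verification (UV, bit 2), and a server that requests userVerification="required" can refuse assertions without UV. The following is an added example, not code from any commenter, T-Mobile or the FIDO Alliance; it parses the fixed 37-byte prefix of WebAuthn authenticatorData and applies the RP-side policy checks (RP ID hash, UP, UV, signature counter). Signature verification over authData || SHA-256(clientDataJSON) with the stored public key is a separate step assumed to be done by the caller and is not shown. The `make_auth_data` helper builds constructed test input, not output of a real key.

```python
# Added example (not from the thread or any vendor): relying-party policy checks
# on WebAuthn authenticatorData, showing how a server turns a "click yes"
# presence-only assertion into a rejected one by requiring the UV flag.
import hashlib
import struct

FLAG_UP = 0x01  # user present (touch)
FLAG_UV = 0x04  # user verified (PIN / biometric on the authenticator)


def parse_authenticator_data(auth_data):
    """Split the fixed 37-byte prefix: rpIdHash(32) | flags(1) | signCount(4)."""
    if len(auth_data) < 37:
        raise ValueError("authenticator data shorter than the 37-byte fixed header")
    rp_id_hash = auth_data[:32]
    flags = auth_data[32]
    (sign_count,) = struct.unpack(">I", auth_data[33:37])
    return {
        "rp_id_hash": rp_id_hash,
        "user_present": bool(flags & FLAG_UP),
        "user_verified": bool(flags & FLAG_UV),
        "sign_count": sign_count,
    }


def check_assertion(auth_data, rp_id, stored_sign_count, require_uv):
    """Policy checks on an assertion's authenticatorData.

    Assumption: the caller verifies the ECDSA/RSA signature over
    authData || SHA-256(clientDataJSON) separately. Returns (accepted, reason).
    """
    parsed = parse_authenticator_data(auth_data)
    if parsed["rp_id_hash"] != hashlib.sha256(rp_id.encode("utf-8")).digest():
        return False, "rpIdHash mismatch: assertion was made for a different RP ID"
    if not parsed["user_present"]:
        return False, "UP flag clear: no user presence test"
    if require_uv and not parsed["user_verified"]:
        return False, "UV flag clear: presence-only assertion rejected by policy"
    # Counter check (WebAuthn L2 step 21): skip only when both sides are 0
    # (authenticator has no counter); otherwise it must strictly increase,
    # and a non-increasing value suggests a cloned authenticator.
    both_zero = parsed["sign_count"] == 0 and stored_sign_count == 0
    if not both_zero and parsed["sign_count"] <= stored_sign_count:
        return False, "signature counter did not increase: possible cloned authenticator"
    return True, "ok"


def make_auth_data(rp_id, flags, sign_count):
    """Constructed authenticatorData for testing; not output of a real key."""
    return (hashlib.sha256(rp_id.encode("utf-8")).digest()
            + bytes([flags])
            + struct.pack(">I", sign_count))


if __name__ == "__main__":
    presence_only = make_auth_data("example.com", FLAG_UP, 7)
    with_pin = make_auth_data("example.com", FLAG_UP | FLAG_UV, 7)
    for label, data in (("presence only", presence_only), ("with UV", with_pin)):
        print(label, check_assertion(data, "example.com", 6, require_uv=True))
```

Whether the UV bit can be set at all depends on the authenticator having a PIN or biometric configured, which is what mmccul's comment is about; the server-side policy is what stops a key with no PIN from being accepted as a complete login.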

  5. Swedish Chef

    It could be even worse

    If you control the mobile network, there's an awful lot of things you can do with the SIM card and radio module of all connected phones. Considering especially the radio module's virtually unrestricted hardware access (including the ability to use the microphone behind the OS's back whenever it wants), are there any assurances that this has _not_ happened?

    Even if you've booted the aggressors off your servers, what about cloned SIM cards, encryption keys etc.?

  6. harrys

    too surreal

    imagine a cycle manufacturer saying our front brakes are dangerous please try only using the rear brakes

    couldn't make it up

    chinese curse .... "may u live in interesting times"

    should be

    chinese curse "may u live in boring times"

    i for one am glad that the latter curse is def' gone and buried for now

    this was todays example, here's yesterdays example.....

    What's the diff between irony satire and reality.... NOTHING...... "Jung In Yun from Fibonacci Asset Management Global described a generalised sense of relief when news emerged that the martial law declaration had been lifted. Instead of preparing for the worst-case scenarios, Mr Jung said this became a "buy the dip" moment - an expression used by investors to describe the opportunity to purchase assets that have temporarily fallen in value."

    look forward to the morning news these days, can't wait for trump et al to get going :)

  7. amanfromMars 1

    Some things may be impossible to be fixed by humans and therefore foreign help be needed.

    ...... or would anything like that be considered and feared as far too much like an Alien Attack to be recognised and accepted as something quite different

    They have extremely sophisticated capabilities, zero-day vulnerabilities that we don't even know exist,..

    Ah, yes ...... some of those "unknown unknowns — the ones we don't know we don't know. And if one looks throughout the history of our country and other free countries, it is the latter category that tends to be the difficult ones" ..... which US Secretary of Defense Donald Rumsfeld advised everyone about and which should also be as gravely regarded as that which President Dwight D. Eisenhower's Farewell Address warned everyone about almost 64 years ago but which is still something yet to be successfully addressed and universally remedied to halt it preying on the public like a parasite hosting a pandemic virus .....

    A vital element in keeping the peace is our military establishment. Our arms must be mighty, ready for instant action, so that no potential aggressor may be tempted to risk his own destruction.

    Our military organization today bears little relation to that known by any of my predecessors in peace time, or indeed by the fighting men of World War II or Korea.

    Until the latest of our world conflicts, the United States had no armaments industry. American makers of plowshares could, with time and as required, make swords as well. But now we can no longer risk emergency improvisation of national defense; we have been compelled to create a permanent armaments industry of vast proportions. Added to this, three and a half million men and women are directly engaged in the defense establishment. We annually spend on military security more than the net income of all United States corporations.

    This conjunction of an immense military establishment and a large arms industry is new in the American experience. The total influence-economic, political, even spiritual-is felt in every city, every state house, every office of the Federal government. We recognize the imperative need for this development. Yet we must not fail to comprehend its grave implications. Our toil, resources and livelihood are all involved; so is the very structure of our society.

    In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists and will persist.

    We must never let the weight of this combination endanger our liberties or democratic processes. We should take nothing for granted. Only an alert and knowledgeable citizenry can compel the proper meshing of the huge industrial and military machinery of defense with our peaceful methods and goals, so that security and liberty may prosper together.

    Akin to, and largely responsible for the sweeping changes in our industrial-military posture, has been the technological revolution during recent decades.

    In this revolution, research has become central; it also becomes more formalized, complex, and costly. A steadily increasing share is conducted for, by, or at the direction of, the Federal government.

    Today, the solitary inventor, tinkering in his shop, has been overshadowed by task forces of scientists in laboratories and testing fields. In the same fashion, the free university, historically the fountainhead of free ideas and scientific discovery, has experienced a revolution in the conduct of research. Partly because of the huge costs involved, a government contract becomes virtually a substitute for intellectual curiosity. For every old blackboard there are now hundreds of new electronic computers.

    The prospect of domination of the nation's scholars by Federal employment, project allocations, and the power of money is ever present and is gravely to be regarded.

    Yet, in holding scientific research and discovery in respect, as we should, we must also be alert to the equal and opposite danger that public policy could itself become the captive of a scientific-technological elite.

    It is the task of statesmanship to mold, to balance, and to integrate these and other forces, new and old, within the principles of our democratic system-ever aiming toward the supreme goals of our free society.

    1. veti

      Re: Some things may be impossible to be fixed by humans and therefore foreign help be needed.

      That Ike, he knew what he was talking about. I'd have voted for him.

      Sadly, he was talking in the language of a bygone era. Where's the pith? Where's the soundbites? And so his own party immediately forgot everything he'd tried to tell them.

      The way chosen by the United States was plainly marked by a few clear precepts, which govern its conduct in world affairs.

      First: No people on earth can be held, as a people, to be an enemy, for all humanity shares the common hunger for peace and fellowship and justice.

      Second: No nation's security and well-being can be lastingly achieved in isolation but only in effective cooperation with fellow nations.

      Third: Any nation's right to a form of government and an economic system of its own choosing is inalienable.

      Fourth: Any nation's attempt to dictate to other nations their form of government is indefensible.

      And fifth: A nation's hope of lasting peace cannot be firmly based upon any race in armaments but rather upon just relations and honest understanding with all other nations.

  8. Andre Carneiro

    Any political repercussions?

    We’re so used to cyberattacks from China, Russia and North Korea that we seem to have normalised them.

    Is this not a significant act of attempted sabotage?

    Should there be repercussions for the rogue states concerned?

    1. Anonymous Coward

      Re: Any political repercussions?

      Sounds like normal spying / attempted spying to me. The US (and others) have and use similar capabilities.

    2. Irongut

      Re: Any political repercussions?

      What kind of repercussions would you suggest? Perhaps restricting exports to these countries, adding tariffs to their goods or sanctions until they change their bad behaviour?

      Maybe you can think of a remedy that isn't already in place and worthless?

      1. Anonymous Coward

        Re: Any political repercussions?

        To do that you'd have to be sure where the miscreant is sitting, not the location of the compromised computer that's being used to attack your networks. I can't tell you how many attacks on my networks have used AWS.

      2. FirstTangoInParis

        Re: Any political repercussions?

        Political repercussions are difficult unless you catch people in the act. But basically, every country spies on every other country just like every organised community has been doing ever since there have been organised communities. Just assume you’re under surveillance and take countermeasures if you need to. If you don’t want some information known, don’t talk or write about it.

        1. heyrick

          Re: Any political repercussions?

          Alternately, blab freely but screw up important details. Example? Concorde, tyres, Russians, and Sergei Pavlov.

    3. Wang Cores

      Re: Any political repercussions?

      The police have a master key to everyone's house stolen and you're concerned with punishing the guy who stole from the police more than the police having a master key? What an interesting set of priorities.

      1. Yet Another Anonymous coward

        Re: Any political repercussions?

        Obviously we need a new secret master key agency that will secure the master key to all the other master keys

    4. dadbot5000

      Re: Any political repercussions?

      These are significant acts of sabotage and acts of war and should be treated as such.

      1. veti

        Re: Any political repercussions?

        But the US is already treating all those countries as enemies, in most every respect short of actually bombing them.

        The trouble with that is, it doesn't leave a lot of room for escalation.

    5. O'Reg Inalsin

      Re: Any political repercussions?

      Be really mean and implement a wiretap that actually requires a certified law enforcement agent to carry a physical device and actually get a warrant and physically plug it in for a limited time, rather than building it into the system to monitor and record 24/7, and storing the results online, all accessible to a large number of "trusted" people.

      1. Yet Another Anonymous coward

        Re: Any political repercussions?

        But if you need to monitor all the people all the time, especially people from the other agencies that are monitoring all the people - then it's going to get really crowded in there

  9. rafff

    "Simon told us"

    That should be "Simon said", Shirley?

  10. Long John Silver

    'Chinamen' under American beds?

    For years, nigh-on decades, the US Houses of Congress have, on-and-off, been discussing curbs on encryption technologies and the introduction of 'backdoors'. Remember the 'Clipper Chip' promoted by the NSA?

    Following the lead of US congressmen, naïf politicians, and security agencies (devious rather than naïve), elsewhere promote encryption designed as breakable (but only by the good guys).

    Apparently, US fear of 'Reds under the beds' has shifted from the erstwhile Soviet Union to China. The latter being lined up for demolition as soon as the Russian domino has fallen; fortunately, neither will happen. The only means for reconciling unquestionable needs for tight security on stored and transmitted data with equally unchallengeable imperatives for surveilling the masses is by distinguishing reputable users of stout encryption from everyone else.

    Clearly, police, the military, security agencies, senior politicians, divers 'Great and Good', and corporate entities, all these with a pecking order among them, must be protected by the best available encryption; the public can be fobbed-off with less secure encryption (i.e. backdoored), and outfits offering secure encryption to the public (e.g. Signal) outlawed. Of course, none of this will make the slightest difference for savvy honest citizens who object to surveillance (e.g. readers of this publication) or to determined people of nefarious intent.

  11. Mike 137

    Wrong way round?

    "it will make it impossible, if not really hard,"

    Surely, "really hard, if not impossible"?

    1. JoeCool Silver badge

      Re: Wrong way round?

      logically viewed, that conjunction is basically an OR, so against convention, but semantically correct. imho.

  12. An_Old_Dog

    Contradictions?

    From TFA, the Feds said the intruders did not use any "novel techniques".

    T-Mo CISO Jeff Simon said the way the intruders moved between (telecom) orgs' networks was unique.

    Are my English language skills failing me because I see those two statements as contradictory?

    1. Yet Another Anonymous coward

      Re: Contradictions?

      No more than "they used backdoors put in for agencies to monitor the messages" and "everyone should use encryption to keep safe from the monitoring"

  13. CJatCTi

    VoIP is almost never encrypted

    Why when we have a secure standard for voice calls, and almost everything is moving/has moved to VoIP are we still using RTP rather than SRTP for almost all phone lines?

    Just watch the data stream with WireShark, select VoIP and listen to the call.

    It is the same with phone hacking - someone hacks your account, makes lots of calls to numbers that are only there to make money, and come the morning your provider gives you a bill for £1,000 because they "have to pay for the onward leg", when it's clearly a fraudulent set of calls.

    End user security in the telecoms world does exist, & could be implemented today. Yet it's not done.
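The RTP-versus-SRTP point above has a practical check behind it. On the wire an SRTP packet keeps the same 12-byte header as RTP (RFC 3711 encrypts only the payload and appends an authentication tag), so a capture alone does not say which one a call used; the reliable place to look is the SIP signalling, where each "m=" line in the SDP names its transport profile (RTP/AVP is plaintext; RTP/SAVP, RTP/SAVPF and the UDP/TLS/RTP/SAVP(F) variants are SRTP) together with the key material, either SDES keys in a=crypto (RFC 4568) or a DTLS-SRTP fingerprint in a=fingerprint (RFC 5763). The following is an added example, not code from the commenter or any carrier: a small SDP audit that gives a verdict per media stream. Both SDP bodies are constructed sample input; the inline key and the fingerprint are placeholders, not real key material.

```python
# Added example (not from the thread or any telco): audit SDP offers/answers for
# media streams negotiated as plain RTP rather than SRTP / DTLS-SRTP.

SRTP_PROFILES = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}


def audit_sdp(sdp):
    """Return one finding per m= line with a verdict on media-plane encryption."""
    findings = []
    session_fingerprint = False  # a=fingerprint before any m= applies to all media
    current = None
    for raw in sdp.splitlines():
        line = raw.strip()
        if line.startswith("m="):
            fields = line[2:].split()
            if len(fields) < 3:
                continue  # malformed media line; skip rather than guess
            current = {
                "media": fields[0],
                "port": int(fields[1]),
                "profile": fields[2],
                "crypto": False,
                "fingerprint": session_fingerprint,
            }
            findings.append(current)
        elif line.startswith("a=fingerprint:"):
            if current is None:
                session_fingerprint = True
            else:
                current["fingerprint"] = True
        elif line.startswith("a=crypto:") and current is not None:
            current["crypto"] = True

    for f in findings:
        if f["port"] == 0:
            f["verdict"] = "rejected"  # port 0 means the stream was declined
        elif f["profile"] not in SRTP_PROFILES:
            f["verdict"] = "PLAINTEXT"  # payload readable from a capture
        elif f["crypto"] or f["fingerprint"]:
            f["verdict"] = "SRTP"
        else:
            f["verdict"] = "SRTP profile but no key material advertised"
    return findings


# Constructed sample: classic SIP offer with one plaintext audio stream, one
# SDES-keyed SRTP stream (placeholder key) and one rejected video stream.
SAMPLE_OFFER = """v=0
o=alice 2890844526 2890844526 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49170 RTP/AVP 0 8 101
a=rtpmap:0 PCMU/8000
m=audio 49172 RTP/SAVP 0
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
m=video 0 RTP/AVP 96
"""

# Constructed sample: WebRTC-style offer with a session-level DTLS fingerprint
# (placeholder value) covering a DTLS-SRTP audio stream.
SAMPLE_WEBRTC = """v=0
o=- 1 1 IN IP4 198.51.100.7
s=-
t=0 0
a=fingerprint:sha-256 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF
m=audio 9 UDP/TLS/RTP/SAVPF 111
a=rtpmap:111 opus/48000/2
"""

if __name__ == "__main__":
    for f in audit_sdp(SAMPLE_OFFER) + audit_sdp(SAMPLE_WEBRTC):
        print(f["media"], f["port"], f["profile"], "->", f["verdict"])
```

The profile alone is not enough: an RTP/SAVP line with neither a=crypto nor a fingerprint has nothing to key the SRTP session with, which is why the audit reports that case separately instead of calling it encrypted.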
