7/22/2013
06:51 PM
SIM Card Hack A Wakeup Call

Crack of mobile SIM card crypto and virtual machine features could let an attacker target and clone a phone

A researcher has discovered major flaws in some SIM cards that could pave the way for more targeted attacks against mobile device users.


Famed encryption researcher Karsten Nohl of Security Research Labs will show at Black Hat USA next week how he was able to hack some SIM cards in mobile phones by cracking the Data Encryption Standard (DES) keys used for over-the-air updates. The vulnerability in the DES authentication, as well as another flaw Nohl found in the cards' virtual machine or sandbox feature, could affect millions of SIM cards.

SIM cards tie a device to its phone number, for example, and are gradually also being used to store payment credentials for near-field communications transactions. Software updates reach the SIM via encrypted SMS messages, but Nohl was able to crack the older DES keys still used in some SIM cards with a rainbow-table method after sending a binary SMS to a targeted mobile device.

"The SIM does not execute the improperly signed OTA command, but does in many cases respond to the attacker with an error code carrying a cryptographic signature, once again sent over binary SMS," according to Security Research Labs' description of the hack. "A rainbow table resolves this plaintext-signature tuple to a 56-bit DES key within two minutes on a standard computer."

That allows an attacker to sign an SMS binary message and send a Java applet to the card. "Applets are allowed to send SMS, change voicemail numbers, and query the phone location, among many other predefined functions. These capabilities alone provide plenty of potential for abuse," according to the research.

Nohl also broke the Java sandbox, or virtual machine, security of two major SIM card vendors, which is meant to keep each Java applet confined to its own area of the card. He was able to break Java applets out of their sandboxes and gain access to other parts of the SIM card. "This allows for remote cloning of possibly millions of SIM cards including their mobile identity (IMSI, Ki) as well as payment credentials stored on the card," he said in his post.

But hold the phone, security experts say: while the findings are significant, this is a fairly sophisticated hack that affects only 10 to 20 percent of SIM cards in use today, says Marc Rogers, principal security researcher for mobile security firm Lookout Security. "It's definitely not in the wild yet ... and it's a very complex hack. I wouldn't get too panicked about it," Rogers says. "Newer versions of SIM cards don't use DES and are not vulnerable" to this hack, he says.

It's not the first time SIM cards have been hacked. Older crypto algorithms were cracked in SIM cards more than a decade ago. "It's novel in that [Nohl] has been able to break crypto in more recent [cards]," says Don A. Bailey, CEO at Capitol Hill Consultants LLC. "It's not a new method, but it's absolutely an exciting hack ... It's extremely important because it affects so many people around the world, and it will for quite some time."

It allows the attacker to assume the victim's mobile identity on the network, he says. "I can clone your card, and then I'm receiving your calls and text messages," Bailey says. Ultimately, the mobile carrier should be able to detect when a mobile user's account shows up in duplicate on the network, he says.
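The duplicate-account detection Bailey describes can be expressed as a simple plausibility check on the carrier's own attach records: the same IMSI should not register from two places it could not have travelled between in the elapsed time. The following is an added example written for this article, not code from Security Research Labs or from any carrier; the event record format, the 1000 km/h speed ceiling and the sample IMSIs (using the reserved test MCC 999) are all constructed assumptions.

```python
"""Added example: flag a mobile identity (IMSI) that attaches to the network
from two places it could not plausibly have travelled between in the elapsed
time, the kind of duplicate-account check a carrier could run."""
from dataclasses import dataclass
from datetime import datetime
from math import asin, cos, radians, sin, sqrt


@dataclass(frozen=True)
class Attach:
    """One network attach / location-update event (constructed record format)."""
    ts: datetime
    imsi: str
    lat: float
    lon: float


# Assumption: nothing legitimate moves faster than a commercial airliner.
MAX_PLAUSIBLE_KMH = 1000.0
EARTH_RADIUS_KM = 6371.0


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two latitude/longitude points in kilometres."""
    phi1, phi2 = radians(lat1), radians(lat2)
    dphi = radians(lat2 - lat1)
    dlam = radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(phi1) * cos(phi2) * sin(dlam / 2) ** 2
    return 2 * EARTH_RADIUS_KM * asin(sqrt(a))


def find_duplicate_identities(events, max_kmh=MAX_PLAUSIBLE_KMH):
    """Return one alert per consecutive pair of attaches for the same IMSI whose
    implied travel speed exceeds max_kmh, or whose timestamps are equal while the
    locations differ (the identity is in two places at once)."""
    by_imsi = {}
    for ev in sorted(events, key=lambda e: e.ts):
        by_imsi.setdefault(ev.imsi, []).append(ev)

    alerts = []
    for imsi, evs in by_imsi.items():
        for prev, cur in zip(evs, evs[1:]):
            dist = haversine_km(prev.lat, prev.lon, cur.lat, cur.lon)
            if dist == 0.0:
                continue  # same cell again: a normal re-attach, not a duplicate
            hours = (cur.ts - prev.ts).total_seconds() / 3600.0
            speed = float("inf") if hours == 0.0 else dist / hours
            if speed > max_kmh:
                alerts.append({
                    "imsi": imsi,
                    "from": (prev.lat, prev.lon, prev.ts.isoformat()),
                    "to": (cur.lat, cur.lon, cur.ts.isoformat()),
                    "distance_km": round(dist, 1),
                    "implied_kmh": speed,
                })
    return alerts


# Constructed sample: IMSI ...001 attaches in Berlin and, five minutes later,
# in Madrid (about 1,870 km away); IMSI ...002 moves within Berlin over half an hour.
SAMPLE_EVENTS = [
    Attach(datetime(2013, 7, 22, 10, 0), "999010000000001", 52.5200, 13.4050),
    Attach(datetime(2013, 7, 22, 10, 5), "999010000000001", 40.4168, -3.7038),
    Attach(datetime(2013, 7, 22, 10, 0), "999010000000002", 52.5200, 13.4050),
    Attach(datetime(2013, 7, 22, 10, 30), "999010000000002", 52.5500, 13.3500),
]

if __name__ == "__main__":
    for alert in find_duplicate_identities(SAMPLE_EVENTS):
        print(alert)
```

On the sample data only the first IMSI is flagged: Berlin to Madrid in five minutes implies a speed above 20,000 km/h, while the second IMSI's short hop within Berlin works out to roughly 10 km/h. A real deployment would key on cell identity rather than raw coordinates and tune the threshold per region, but the logic is the same.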

The Java Card hack was a logical next step to the DES encryption crack, security experts say. "Once you have crypto authentication to upload data to the card, it's highly likely you're going to be able to subvert the security of that card," Bailey says. "Most of the security controls are at the crypto point of entry."


Most flaws and attacks on mobile devices to date have been app-level and opportunistic, so Nohl's attack demonstrates how more targeted mobile attacks could be executed, experts say.

"They pushed the risk and exploitation further down the stack" in mobile, says Tyler Shields, a senior analyst with Forrester Research. "I've been talking about how app security is the easiest entry point, but this is pushing it all the way down to the hardware ... This feels like it's more weaponizable and operational," Shields says.

The GSMA, which represents mobile operators, said in a statement that based on the information provided thus far by Nohl, the hack appears to affect a "minority" of SIM cards. "There is no evidence to suggest that today's more secure SIMs, which are used to support a range of advanced services, will be affected. The mobile industry and its users benefit from the high security standard provided by SIM cards. The SIM has proved to be a secure method to authenticate users and enable the portability of services between devices from the inception of GSM technology," the statement said.

"The GSMA welcomes positive research which may identify and pinpoint implementation issues that can be fixed and result in enhanced security levels and ongoing user confidence in SIM secured services. The GSMA takes the security of SIM Cards very seriously and has Working Groups that follow these developments. We continue to work with our mobile operator members and the SIM providers to minimise any potential risks," the GSMA said.

Adrian Stone, director of BlackBerry Security Response and Threat Analysis, says the GSMA last year adopted recommendations from BlackBerry for beefing up standards for securing SIM cards. "BlackBerry works closely with the research community to identify and address security issues, and as part of a researcher collaboration last year, BlackBerry led the charge to update industry SIM card standards in order to help ensure customers across the industry are protected from this type of attack. The GSMA adopted BlackBerry's recommendations, which will help protect every device that uses a SIM, including mobile devices, cars, credit card machines and others," he says.

Security Research Labs, meanwhile, recommends that SIM cards deploy the latest cryptography and secure Java VMs, SMS firewalls, and SMS filtering by carriers.
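The carrier-side SMS filtering that Security Research Labs recommends comes down to a policy question: a message addressed to the SIM rather than to the handset should only ever arrive from the operator's own over-the-air provisioning gateway. The following is an added example illustrating that policy; it is not code from Security Research Labs or from any operator. The TP-PID value 0x7F for (U)SIM data download and the message-class bits of the TP-DCS field are taken from the GSM 03.40 SMS specification; the gateway allowlist, the Sms record layout and the sample traffic are constructed assumptions.

```python
"""Added example: a carrier-side SMS filter that delivers SIM-bound (OTA) binary
messages only when they originate from the operator's own OTA gateway."""
from dataclasses import dataclass

# TP-Protocol-Identifier value marking a short message as (U)SIM data download (GSM 03.40).
PID_SIM_DATA_DOWNLOAD = 0x7F

# Assumption: originating addresses the operator uses for OTA provisioning.
CARRIER_OTA_GATEWAYS = frozenset({"+19990000001", "OTA-GW"})


@dataclass(frozen=True)
class Sms:
    """Fields of a mobile-terminated SMS relevant to filtering (constructed layout)."""
    originator: str
    tp_pid: int       # TP-Protocol-Identifier
    tp_dcs: int       # TP-Data-Coding-Scheme
    user_data: bytes  # opaque payload; the filter never needs to parse it


def message_class(dcs):
    """Return the message class (0-3) encoded in the DCS, or None if none is given.
    Coding group 1111 (bits 7-4): bits 1-0 always carry the class.
    Coding group 00xx: the class in bits 1-0 is meaningful only when bit 4 is set."""
    if (dcs & 0xF0) == 0xF0:
        return dcs & 0x03
    if (dcs & 0xC0) == 0x00 and dcs & 0x10:
        return dcs & 0x03
    return None


def is_sim_bound(sms):
    """True if the message is addressed to the SIM rather than the handset:
    SIM data download PID, or message class 2 (SIM-specific message)."""
    return sms.tp_pid == PID_SIM_DATA_DOWNLOAD or message_class(sms.tp_dcs) == 2


def filter_sms(sms, gateways=CARRIER_OTA_GATEWAYS):
    """Decide ('deliver' | 'drop', reason) for one message."""
    if not is_sim_bound(sms):
        return "deliver", "ordinary handset message"
    if sms.originator in gateways:
        return "deliver", "SIM-bound message from carrier OTA gateway"
    return "drop", f"SIM-bound message from unexpected originator {sms.originator}"


# Constructed sample traffic (payloads are placeholders, not real OTA packets).
SAMPLE_SMS = [
    Sms("OTA-GW", 0x7F, 0xF6, b"<opaque OTA payload>"),         # legitimate OTA update
    Sms("+15550001234", 0x7F, 0xF6, b"<opaque OTA payload>"),   # same envelope, unknown sender
    Sms("+15550009999", 0x00, 0x00, b"hello"),                  # plain text message
    Sms("+15550005555", 0x00, 0x16, b"<opaque payload>"),       # class 2 via general coding group
]


def run_filter(messages=SAMPLE_SMS):
    """Apply the policy to a batch and return the decisions in order."""
    return [filter_sms(m)[0] for m in messages]


if __name__ == "__main__":
    for m, (decision, reason) in zip(SAMPLE_SMS, map(filter_sms, SAMPLE_SMS)):
        print(f"{decision:7s} {m.originator:14s} {reason}")
```

Note that the filter keys on the SMS envelope, not on the signature inside the payload: it drops SIM-bound traffic from anyone who is not the operator before the card ever sees it, which is what stops the error-response round trip described above regardless of which cipher the card uses. DCS value 0x16 in the last sample (coding group 00, class indicator bit set, class 2) shows that class-2 messages can be expressed outside the 1111 coding group, so a filter that matched only on 0xF6 would miss them.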

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ...

Comments
MROBINSON000, User Rank: Apprentice, 7/26/2013 | 6:40:56 AM
re: SIM Card Hack A Wakeup Call

Great topic, as we've said before with millions of mobile apps available across the Apple, Android, Blackberry and Windows marketplaces, one of the most critical areas to pay attention to is security. Fundamentally, all software, not just mobile applications, should follow some type of process, like the SDLC, to ensure that security is built into all phases of the development lifecycle. However, what we've seen with mobile applications is "SMiShing," which is phishing conducted via SMS (text), here's an article talking about this: http://blog.securityinnovation...
JaapF, User Rank: Apprentice, 7/23/2013 | 7:00:12 AM
re: SIM Card Hack A Wakeup Call

Very interesting research.

Particularly because more and more Multi-Factor-Authentication (MFA) solutions use a mobile phone as a 2nd factor. When you zoom in on these solutions, some are in fact using the mobile device, but most of them are based on sending/receiving of SMS text messages. If a fraudster is using this hack, MFA is effectively not adding security and identity theft goes beyond reading my text messages.

One of the questions for me is: how does a user know if his SIM is in the vulnerable category (10-20%) or has a safer technology?