Is 4G putting your mobile at risk of hacking?

LTE covers a wider range of frequencies than slower 2G and 3G networks, and uses an open protocol, making it more susceptible to hackers and viruses

Almost every phone launched at this week's Mobile World Congress was sold on the promise of having super-fast speeds thanks to built-in LTE technology.
LTE, also known as 4G, officially launched in the UK last year, but it’s been growing in popularity globally for the past five years.
The technology covers a wider range of frequencies and has the potential to be up to 100 hundred times faster than slower 2G and 3G networks, but a software and security expert has told the MailOnline this increased speed comes at a price - security.
Both 2G and 3G networks were primarily designed for feature phones; for voice calls and texts, rather than data.
However, 4G was designed especially for sending and receiving data, making it more equipped for the job.  
Leonid Burakovsky, senior director of strategic solutions at F5 told the MailOnline that while this makes it faster, the methods taken to achieve these speeds also make it more vulnerable.
'What the industry has done with 4G/LTE is taken a self-contained telephone network, secured primarily by virtue of being separate from the internet, and then bolted-on internet capabilities which were never designed to prevent eavesdropping,' said Burakovsky.
Put simply, 3G networks use a protocol called SS7 to send signals, this protocol is notoriously difficult to penetrate.

LTE networks, on the other hand, use systems such as Diameter, an open protocol that sends signals based on the IP addresses of networks. This makes it faster, and can handle more traffic than SS7.
However, because this is an open protocol, it makes it easier to penetrate. It is also responsible for managing the data sent for billing and authentication. 

The majority of new handsets released worldwide have LTE technology built in that helps them connect to super-fast 4G networks, including the Samsung S5 unveiled on Monday, pictured. Experts have warned operators need to do more to protect users against attacks directed straight at these faster networks

SECURITY RISKS AND MOBILES

Research from F5 found security is among the top three features people use to choose a mobile operator, after pricing and network coverage.
Two thirds of respondents said security is more important to them than access to the latest devices.
But despite this, around half (49 per cent) admitted that they don’t know how to protect their phones from malicious threats. 
Mobile users are more than three times as likely to blame their mobile operators (35 per cent) for security breaches, than the providers of services such as Facebook, Gmail or banking apps (10 per cent)  or handset manufacturers (4 per cent).
More than half of consumers said they'd switch providers after a major data breach.

This means it’s easier to access, and carries highly-sensitive and personal information such as passwords, location data, network addresses and cryptographic keys.
‘LTE networks are inherently less secure than their 3G and 2G predecessors,' said Burakovsky.
'This can open mobile networks up to a greater number of very real threats, meaning the onus will be on mobile operators to increase their efforts to protect users, network and applications.'
‘The main security problem with 4G networks is that user information can become easily available to hackers via, for instance, ‘man-in-the-middle’ attacks, and hackers can compromise new services like mobile health or mobile commerce,’ continued Burakovsky.

Attackers can place themselves either between two unsuspecting victims, or between the user and the app, or even between two machines.
This gives the attackers full access to the data being sent over the network, and some hackers could even be able to control it.
Burakovsky added that the main problem is there's no protection between the phone and the network it’s connected to, and the core network controlled by the operator.
Networks do use secure systems, such as IPsec and TLS, to secure certain parts of the sensitive data, but F5 warned operators need to do more to protect users against attacks directed straight at the mobile network.
'There needs to be more understanding of the user, the network, the app, and what people are trying to do when using their mobile devices,' said Burakovsky.
'The message is clear: comprehensive multi-layer security should be an integral part of any LTE to deliver the level of security consistent with the many advantages of 4G - like lightning fast video downloads - that make up a great customer experience.'

Have millions of webcam users had their sex pictures harvested by the NSA?

Britain’s spy agency collected webcam images – including sexually explicit material – from millions of innocent internet users.

Agents at GCHQ intercepted streamed webcam chats from Yahoo users and stored their images using a surveillance programme codenamed Optic Nerve.

In one six-month period in 2008, the intelligence agency collected images from more than 1.8million Yahoo users around the world – regardless of whether they were terror suspects or not.

+4

Claim: Cheltenham-based UK spy agency GCHQ has reportedly harvested webcam images - including sexually explicit material - of millions of internet users

Leaked top-secret documents reveal that up to 11 per cent of the stored images contained ‘undesirable nudity’.

The revelations are the latest from a batch of files published by whistleblower Edward Snowden, the US defence worker who has exposed shocking details of how spy agencies snoop on people around the world.

Optic Nerve – which critics last night branded eerily reminiscent of telescreens in George Orwell’s novel 1984 – was run with the aid of the US National Security Agency.

It was intended for use in experiments in automated facial recognition to try to find terror suspects.

+4

Anger: Internet giant Yahoo reacted furiously to the claims, branding them a 'whole new level of violation'

Rather than collecting webcam chats in their entirety, the system saved one image every five minutes from the users’ feeds between 2008 and 2010.

'Unfortunately  … it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person'
GCHQ

But documents leaked to The Guardian revealed that sexually explicit pictures proved to be a problem for GCHQ.

One comment from the agency read said: ‘Unfortunately … it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person.

‘Also, the fact that the Yahoo software allows more than one person to view a webcam stream without necessarily sending a reciprocal stream means that it appears sometimes to be used for broadcasting pornography.’ Internet giant Yahoo reacted furiously to the claims.

A spokesman said: ‘We were not aware of, nor would we condone, this reported activity.

Ongoing: In its latest report on files leaked by US whistleblower Edward Snowden (pictured), the Guardian newspaper claims a surveillance programme collected still images of Yahoo webcam chats

‘This report, if true, represents a whole new level of violation of our users’ privacy that is completely unacceptable and we strongly call on the world’s governments to reform surveillance law consistent with the principles we outlined in December.

'This report, if true, represents a whole new level of violation of our users' privacy that is completely unacceptable and we strongly call on the world's governments to reform surveillance law consistent with the principles we outlined in December'
Yahoo spokesman

'We are committed to preserving our users’ trust and security and continue our efforts to expand encryption across all of  our services.’

Tory MP David Davis said: ‘This is, frankly, creepy. It is perfectly proper for our intelligence agencies to use any and all means to target people for whom there are reasonable grounds for suspicion of terrorism, kidnapping and other serious crimes.

‘It is entirely improper to extend such intrusive surveillance on a blanket scale to ordinary citizens.’

Allegation: GCHQ is understood to have secretly accessed fibre-optic cables carrying huge amounts of internet and communications data and shared the information with the NSA (whose offices in Maryland are pictured)

Nick Pickles, director of civil liberties campaign group Big Brother Watch, said: ‘This is an indiscriminate and intimate intrusion on people’s privacy.

'Orwell's 1984 was supposed to be a warning, not an instruction manual'
Nick Pickles, Big Brother Watch

'Orwell’s 1984 was supposed to be a warning, not an instruction manual.’

GCHQ declined to comment on the claims.

Mr Snowden originally leaked information about the attempts by government spy agencies to harvest private information from millions of people.

Earlier this year, MI5 director general Andrew Parker warned that revealing details about GCHQ’s work was a ‘gift to terrorists’.

U-TURN OVER BAN ON CCTV PARKING FINES

Controversial CCTV cameras that target millions of motorists for parking fines are set to survive a promised Government cull, it emerged yesterday.
The use of enforcement cameras outside schools and other sensitive areas could carry on despite a previous vow to ban them.
Roads minister Robert Goodwill told a conference of parking chiefs that, when it came to scrapping all the cameras, ‘no decisions had been made’, and that they might still be used outside schools.
That contradicted previous pledges to  outlaw all of the controversial cameras,  which can issue penalties of up to £130 a  time. Communities Secretary Eric Pickles  had previously vowed to ban them, accusing ‘bullying’ councils of fleecing drivers ‘on an industrial scale’.
Councils rake in £30million a year from CCTV-led parking fines.
A Government consultation on the issue also stated: ‘The Government intends to abolish use of CCTV cameras for parking enforcement.’
Mr Goodwill was speaking at a summit in London organised by the British Parking Association, which represents 700 councils and private sector operators.