Vodafone UK have been subject to hacking. The Hackers Choice (THC) have been experimenting with the Femtocell’s (Sure Signal) that Vodafone distribute to it’s customers who live in a poor coverage area or those customers that buy one for a small fee.
Since 2009 THC have been researching into the way that the Femtocell’s work and how they communicate with the network. THC have managed to gain unauthorised access to Vodafone’s internal network with a Femtocell due to a flaw in the way Vodafone implemented the systems. Vodafone gives the cell full access to it’s internal network and THC have full control of their cell. That could be a recipe for disaster.
Vodafone have a limit of how many handsets can access the cell that is issued to the customer. The customer needs to register the cell and the telephone numbers of the handsets they want the cell to be available to. THC have managed to remove this restriction so that any Vodafone handset within range of the cell can connect to it and use it. They have also been able to listen in to calls made through the cell, make calls as customers and also listen to customers Voicemails. All this was done with consumer equipment available to everyone. Phone hacking is a big thing on the news at the moment, I think Vodafone’s security team need to get their thinking caps on. Is this the only flaw?