Different River

”You can never step in the same river twice.” –Heraclitus

January 12, 2005

T-Mobile Security Breach

Filed under: — Different River @ 1:37 pm

Security Focus is reporting that someone cracked the security system protecting T-Mobile wireless phone system. He had access to customers SSNs, voicemail PINs, pictures from camera phones, e-mails sent through their Sidekick device … basically, everything but their billing information, which I guess must be on a separate system from the one he cracked. He was caught by the Secret Service (so “secret” they have a web page!), which has jurisdiction over certain types of computer fraud.

The first interesting thing about this is that as they were monitoring this guy’s activities, they discovered he had a bunch of sensitive Secret Service documents. How did he get them? It took them a while to figure it out, but he had not broken into any Secret Service computer systems — instead, some Secret Service agent had been using his T-Mobile SideKick to e-mail this stuff! So, the sensitive documents were stored on T-Mobile’s server, and the guy had already broken into that. Now this was not just any Secret Service agent — this was an agent whose specialty was computer security investigations! You would think — well, I would have thought — that someone like that would have known not to store sensitive information on someone else’s server. This should be a reminder to the rest of us — don’t store store sensitive information on a computer not under your direct control. That includes your ISP’s server! If an expert in the field could make a mistake like that, so can you.

The second interesting thing it how the identified the cracker. They were monitoring his activities all sorts of ways, including having an informant communicate with him through ICQ, but they didn’t know who he was In Real Life. So, they did a web search on his ICQ number, and found he’d listed it on a resume he posted on Security Focus in 2001, looking for a job in computer security! Moral of the story: If you’re going to steal someone else’s identity, make up an new one for yourself first! ;-)

The third interesting thing is that there is a source that says (read: “rumor”) that they are going to offer a plea-bargain to this fellow if he agrees to turn around and work for them on computer security. This was pretty common in the early days of computer security issues, but it’s been a while since I’ve heard of a deal like that. So this guy must be pretty good at what he was doing … except for the part about using the same ICQ number for crime and for his resume….

Leave a Reply

Powered by WordPress