Subscriber Identity Modules Hear it!

Subscriber Identity Modules (SIMs) Hacker Definition
Sometimes referred to as smart cards, whose basic functions in wireless communications are for roaming and subscriber authentication. Although these features can be achieved using a centralized “intelligent” network (IN) solution or a “smart” handset (such as a cellular phone), some important benefits that could not be obtained without the use of a SIM card include improved security and more marketing opportunities. In fact, the latter are considered to be primary features differentiating wireless service offerings. Smart cards have microprocessors built into their design so that they can run small applications.

In March 2005, a Los Angeles security consulting firm conducted an experiment outside the Academy Awards ceremony in Hollywood and showed that security risks can arise with smart cards. Three employees of the company Flexilis placed themselves in a crowd of more than 1,000 people and watched celebrities from about 30 feet away as they entered the Kodak Theater. The researchers said that they were able to detect that somewhere from 50 to 100 attendees had smart card cell phones whose contents could be siphoned from the service providers’ centralized computers. (Within weeks of the Academy Awards ceremony, some personal contents of Paris Hilton’s T-Mobile phone were siphoned from the service provider’s computers and posted on the Internet.)

Though the Flexilis researchers noted that the range of vulnerable phones seemed to be a bit odd, some of the “vulnerable” cellular phones may have been detected more than once with the researchers’ laptop computer, scanning software, and a powerful antenna used in their experiment. Because the White Hat researchers did not tap into any of the scanned cell phones—which would have then become a cracking exercise—they could not tell exactly whose cell phones were vulnerable. The researchers said that the purpose of the experiment was to raise awareness about the threat to privacy that is becoming increasingly common as advanced cell phones contain more personal information such as passwords, credit card numbers, and Social Security numbers. Celebrities such as film stars, musicians, executives, and politicians are especially vulnerable to crack attacks because they tend to be early adopters of emerging technologies, typically without fully understanding the security risks associated with any new technology. Their personal information is a highly marketable item for cybercriminals.

See Also: Cybercrime and Cybercriminals; Smart Cards, Social Security Number (SSN); Wireless.

International Engineering Consortium. Smart Cards in Wireless Services. [Online, 2004.] International Engineering Consortium Website. http://www.iec.org/online/ tutorials/smartcard/; Markoff, J. and Holson, L.M. An Oscar Surprise: Vulnerable Phones. [Online, March 2, 2005.] The New York Times Website. http://www.nytimes.com/2005/ 03/02/movies/oscars/02leak.html.