I’ve just read this article appeared on the last IEEE Spectrum issue. They talk about a breach in Vodafone Greece’s core network, a list of phone numbers intercepted and the apparent suicide of a technician in charge of Network Planning Management after he discovered the problem and alerted his supervisors about it.
- in 2004, before Athen’s Olympic Games. malicious software was planted on four MSCs, with no reboot, thanks to sophisticated hot-patching capabilities provided by Ericsson software
- fake phone number entries were created on these MSCs
- a list of 102 phone numbers were configured for automatic interception, during the Olympic Games, a copy of their conversations routed to the fake phone numbers
- those numbers belonged to Ministers, authorities, leaders of important institutions and leaders of activist groups
- a technician discovered the problem in January 2005 and apparently hanged himself soon after
- Vodafone CEO requested the MSCs to be rebooted immediately to clean the rogue software that was planted, but doing so they accidentally destroyed important traces including log files
- Phisicaly access to the MSCs (apparently required to plant the patch) was monitored and everybody entering the site had to sign a register, that unfortunately gets destroyed after 6 months
Actually this is no news, BBC had reported this back in December, but I didn’t know. Now, kudos to IEEE for bringing this scandal back to light, but they must be kidding when they say this is the work of “hackers”. Only secret services, CIA and the like, can do this sort of things. Hackers don’t have a list of VIPs to wiretap and they wouldn’t “convince” somebody to hang himself in order to cover up traces.