Weak voicemail security revealed in Irish mobile operators
3 July 2014 | 0
Irish mobile operators are more vulnerable to unauthorised voicemail access than their UK counterparts.
According to Irish IT services company Lan.ie, during an audit of four mobile operators, it became apparent that two in particular were vulnerable to attack targeting calling line identification-based (CLI) weaknesses.
The company said in a security bulletin that two Irish mobile operators are “wide open to hackers with very little effort to get in and access people’s voicemails without a password or PIN”.
“The public are at risk, their privacy is at risk,” warns Tom O’Connor, security analyst, Lan.ie, “as anyone with a little know how can access their voice mails and get the numbers of the people calling them. It does not matter who they are be it a Judge, Politian, a Teacher, nobody is safe if using either of these two Irish Mobile Phone Networks.”
The problem, the company said, lies in the way mobile phone operators authenticate people checking their voice mail remotely.
“If a person spoofs (pretends) they are calling from your mobile number it allows them straight into your voicemail with no pin or password request. Technology such as spoofcard.com makes such attacks extremely easy,” said the bulletin.