Article 43


Saturday, October 13, 2007

The Athens Affair


The article below brings back memories of my years at AT&T, and a reminder of disturbing possibilities for the future of the security of our country’s telephone infrastructure, if greed, ill-will, and denial steer TELEPHONE COMPANY POLICY MAKERS down a dark path.


While looking for some underused tandem trunk groups to reroute or disconnect (to save the company some money), I stumbled upon, and told my superiors about the existence of default (or no) passwords on remote equipment used to control network elements (eg central office switches, DACS frames, voicemail, etc) accessed over dial-up modems.

For example - a bunch of 5ESS trunk line work stations (TLWS) across the country were found connected to modems and dial-up phone lines with no safeguards in place to validate the user calling them, or restrict usage. A modem, and vt100 comm program (like windows hyperterm) granted anyone from anywhere full technician privileges. The TLWS/STLWS is a terminal used for command and control of a 5ESS switch. Virtually every function of the switch can be done through it. The DESIGNERS at (the old) Lucent built in plenty of security, but none of it may have been turned on - possibly flinging the door wide opened for PHREAKERS, criminals, curious, and anyone else - to do anything from eavesdrop on calls, to shutting off everyone’s dial-tone, to erasing activity logs.

After an initial writeup urging for a policy to secure these dial-up lines, it’s urgency was ignored, and I was told to focus on proactively predicting and preventing network problems - like identifying unused tandem trunk groups to disconnect to save the company some money - not predicting and proactively preventing central offices from being taken over and 0WN3D by unauthorized, unknown parties.

All in the name of saving money.

I believe the issue was dropped (or possibly may have been referred to another department for funding) when our district manager decided it would be too costly to secure the dial-up lines with CALL BACK MODEMS, and secure the exposed TTYs with passwords and RESTRICTED SHELLS.

All in the name of saving money.

Later I wrote my boss an EQUALLY ALARMING and ignored letter about outsourcing the Network Operations Center to COMMUNIST CHINA, POVERTY RIDDEN INDIA, or anywhere off American soil. Soon after I think the company OUTSOURCED IT WORK TO IBM - many of those folks in India - now with possibly full control of network and computer operations of the planet’s largest, and [maybe still the] most technically advanced telephone infrastructure.

All in the name of saving money.

Today - I SHRUG MY SHOULDERS when hearing the last American TRANSATLANTIC CABLE was sold to a foreign company, or that some telco may be moving its switching equipment to FREE operating platforms, while ignoring patch management and basic security both in development and operations.

All in the name of saving money.

I’m pretty sure that as telco manufacturers and phone companies REPLACE their Nobel Prize winning SCIENTISTS and HIGHLY-SKILLED WORK FORCE with temporary day laborers, outsource operations and development to politcal adversaries and countries with HORRIBLE LIVING CONDITIONS - while the former BELL LABS and Lucent proprietary software gives way to Indian IT graduates’ assigments developing the web-based NEXT-GENERATION telco infrastructure - using outdated tools like JDK 1.3 and a WINDOWS 95 PC - also raises the possibility that America’s phone system may be easier to penetrate tomorrow, than getting through an opened door today.

All in the name of saving money.



The Athens Affair

By Vassilis Prevelakis and Diomidis Spinellis
July 7, 2007

On 9 March 2005, a 38-year-old Greek electrical engineer named Costas Tsalikidis was found hanged in his Athens loft apartment, an apparent suicide. It would prove to be merely the first public news of a scandal that would roil Greece for months.

The next day, the prime minister of Greece was told that his cellphone was being bugged, as were those of the mayor of Athens and at least 100 other high-ranking dignitaries, including an employee of the U.S. embassy.

The victims were customers of Athens-based Vodafone-Panafon, generally known as Vodafone Greece, the country’s largest cellular service provider; Tsalikidis was in charge of network planning at the company. A connection seemed obvious. Given the list of people and their positions at the time of the tapping, we can only imagine the sensitive political and diplomatic discussions, high-stakes business deals, or even marital indiscretions that may have been routinely overheard and, quite possibly, recorded.

Even before Tsalikidis’s death, investigators had found rogue software installed on the Vodafone Greece phone network by parties unknown. Some extraordinarily knowledgeable people either penetrated the network from outside or subverted it from within, aided by an agent or mole. In either case, the software at the heart of the phone system, investigators later discovered, was reprogrammed with a finesse and sophistication rarely seen before or since.

A study of the Athens affair, surely the most bizarre and embarrassing scandal ever to engulf a major cellphone service provider, sheds considerable light on the measures networks can and should take to reduce their vulnerability to hackers and moles.

It’s also a rare opportunity to get a glimpse of one of the most elusive of cybercrimes. Major network penetrations of any kind are exceedingly uncommon. They are hard to pull off, and equally hard to investigate.

Even among major criminal infiltrations, the Athens affair stands out because it may have involved state secrets, and it targeted individualsa combination that, if it had ever occurred before, was not disclosed publicly. The most notorious penetration to compromise state secrets was that of the “Cuckoo’s Egg,” a name bestowed by the wily network administrator who successfully pursued a German programmer in 1986. The programmer had been selling secrets about the U.S. Strategic Defense Initiative (Star Wars) to the Soviet KGB.

But unlike the Cuckoo’s Egg, the Athens affair targeted the conversations of specific, highly placed government and military officials. Given the ease with which the conversations could have been recorded, it is generally believed that they were. But no one has found any recordings, and we don’t know how many of the calls were recorded, or even listened to, by the perpetrators. Though the scope of the activity is to a large extent unknown, it’s fair to say that no other computer crime on record has had the same potential for capturing information about affairs of state.

While this is the first major infiltration to involve cellphones, the scheme did not depend on the wireless nature of the network. Basically, the hackers broke into a telephone network and subverted its built-in wiretapping features for their own purposes. That could have been done with any phone account, not just cellular ones. Nevertheless, there are some elements of the Vodafone Greece system that were unique and crucial to the way the crime was pulled off.

Posted by Elvis on 10/13/07 •
Section General Reading
View (0) comment(s) or add a new one
Printable viewLink to this article
Page 1 of 1 pages


Total page hits 9584622
Page rendered in 1.1034 seconds
41 queries executed
Debug mode is off
Total Entries: 3216
Total Comments: 337
Most Recent Entry: 02/17/2020 09:01 am
Most Recent Comment on: 01/02/2016 09:13 pm
Total Logged in members: 0
Total guests: 12
Total anonymous users: 0
The most visitors ever was 172 on 12/25/2019 07:40 am

Email Us


Login | Register
Resumes | Members

In memory of the layed off workers of AT&T

Today's Diversion

When we reduce our own liberties to stop terrorism, the terrorists have already won. - Reverius


Advanced Search



February 2020
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29

Must Read

Most recent entries

RSS Feeds

Today's News

ARS Technica

External Links

Elvis Picks

BLS Pages


All Posts



Creative Commons License

Support Bloggers' Rights