My Thoughts on Technology and Jamaica: How NSA can hack the Baseband Processor and control your smartphone

Thursday, March 26, 2015

Turns out the Octopus, a reference to the NSA (National Security Agency) and the CIA (Central Intelligence Agency), may have some seriously powerful communications intercept capabilities.

For one, the NSA can remotely shut down your smartphone and use it to spy on you, according to ex-CIA and NSA contractor Edward Snowden, as revealed in the article “How the NSA can 'turn on' your phone remotely”, published June 6, 2014 by Jose Pagliery, CNN Money.

So how can the NSA do this? Well, you know it’s all about that Baseband Processor.

Baseband Processor hack by NSA - How the NSA can remotely turn on your cellphone to spy on you

Apparently the hack relates to the Baseband Processor in your smartphone, the secondary DSP (Digital Signal Processor) that handles communication with the cell tower of the Telecom Provider to which your cellphone belongs, as noted in the article “Can the NSA Remotely Turn On Your Mobile Phone?”, published May 30, 2014 12:36 PM ET by Jill Scharr, Discovery News.

The other processor in your smartphone actually controls the smartphone functionality and mainly runs the OS and Apps; that one goes off when you press the power button. However, the Baseband Processor stays on, patiently listening out for commands from the cell towers of your Telecom Provider. It is this fact about the Baseband Processor that is the basis for this hack, which the CIA and NSA have had the capability to do since 2004.

The CIA (really the NSA) can use a femtocell or attocell in a hack similar to the Baseband Hack used to gain access to a Blackberry as described in my blog article entitled “How to Hack ANY Blackberry or Smartphone - SGP Technologies survived in the Lion’s Den as Blackphone Hack was cover for Blackberry Baseband Hack”.

The NSA basically mimics a cell tower and your smartphone connects to that femtocell or attocell. It then sends instructions to your cellphone to shut down but leave the microphone, camera or even the GPS running. This would allow the NSA or CIA to track your location as well as keep listening to you and watching you via your smartphone's camera.

However, it isn't totally foolproof. According to John Pirc, chief technology officer of NSS Labs, a cybersecurity research firm, the hacking method has a warm giveaway, quote: “The only way you can tell is if your phone feels warm when it's turned off. That means the baseband processor is still running”.

Malicious Apps to track you – Trojan Viruses, Malicious updates make Apps into Remote Access Spies

Still, there are better ways to track someone's smartphone.

For one, the hacker can use a malicious App with a Trojan Virus that can not only track you but give them the option to remotely control your smartphone, as described in my Geezam blog article entitled “Google Play Store Apps with AdWare threat to Android Security”.

Then there are malicious App updates that exploit weaknesses in the API (Application Programming Interface) for older versions of Google Android smartphones, as noted in my Geezam blog article entitled “Android Browser Security unfixed as Google wants you to Upgrade to Lollipop”.

The hacker can create malicious updates and place them on a server mimicking your App’s server. Then when your App accesses the server to download the latest update, the malicious update will install on the phone and modify the App, giving the hacker access to your smartphone.

This is similar to how one can hack an Internet-connected car via the Vehicle Entertainment System, which in most model cars is connected to the computer that controls the brakes and engine, as described in my blog article entitled “Automotive Security Researchers tell CNN Money Vehicles are hackable - How Vehicle Entertainment Systems are hacked”.

Then there is always the alternative of using a malicious App to steal information from another App, as they all share and run in the same memory area on your smartphone as stated in “Sneak Attack: Android Apps Can Spy on Each Other”, published 21.08.2014 by NBCNews.

This was based on the research of Qian and Qi Alfred Chen and Z. Morley Mao of the University of Michigan who had presented their findings at the USENIX Security Symposium in San Diego on Friday August 22nd 2014 in their paper entitled “Peeking into Your App Without Actually Seeing It: UI State Inference and Novel Android Attacks”.

Finally, they might not even need to get inside of your phone at all; researchers at Stanford University and Israel’s defense research group Rafael have discovered that it’s possible to track a cellphone using just the power levels, as described in the article “Spies Can Track You Just by Watching Your Phone’s Power Use”, published 02.19.15 by Andy Greenberg, Wired.

Their technique, called PowerSpy, allows them to determine your location over a period of time using an App installed on the smartphone that tracks your power usage from the Baseband Processor. From that they can determine which cell tower you're connecting to, as well as your relative distance and angular orientation, based on which sector of the cell tower your smartphone is connecting to.

Defense against the Dark Arts – what to do to stop Malicious Apps spying on your smartphone

The best way to stop Baseband Processor hacks is to really shut down the smartphone by doing a battery pull. But as most smartphones no longer allow you to remove the battery, in order to make the battery bigger, this is no longer an option, even if you don't own an Apple iPhone.

Other than that, the other options include placing your smartphone into Recovery Mode or spending a lot of money on signal blocking smartphone cases.

I recommend not worrying about this; the NSA and CIA are really hunting terrorists. To gain FULL control of your smartphone, they'd also have to install a malicious App on your smartphone to remotely control it from the outside.

So be careful of the Apps that you download and install, as some of the more innocent ones are giving away your GPS location, which you can of course disable by following the instructions in my blog article entitled “The Reason why I don't like Smartphones - Location Privacy and How to disable Location Services on Android and iOS”.

Plus, it's really the FBI you should be scared of if you're an American, as they are more likely to hack the smartphones of civilians!
