A Musing on the Deutsche Telekom Data Leakage

As the scandal of Deutsche Telekom hit the airways, some Europeans think this type of spying only happens in the United States. However, the bad news is it happens in every country in the world. Corporations have started to spy on their customers, staff, and common people like you and me.

In May 2008, Deutsche Telekom, a major Telecommunication company from Germany, was investigated for eavesdropping against journalists and members of the supervisory, executive board and Chairman Klaus Zumwinkel and then CEO Kai-Uwe Ricke. Deutsche Telekom wanted to know who leaked information about layoffs and acquisition.

They have since been accused of other spying activities along with the BND (Bundesnachrichtendienst), Germany’s foreign intelligence agency. The BND was accused of extensive espionage while working with the NSA (United States National Security Agency). It is quite disturbing to know that legitimate businesses can spy on their executive staff as well as their customers; plus, turning it around and selling the data to others.

And we've been whining about North Korea, Lizard Squad, or the Russian underground.

Today, we hear about Deutsche Telekom (DT), tomorrow we might hear about other telecommunication carriers doing the same thing. At this rate, Facebook, Twitter, LinkedIn might not be the only social networks where we publicly share information. We might, without consent, share information each time we make phone calls, send SMSs, or use our computers, tablets, and smartphones.

Meanwhile, news on spying and hacking have been piling in non-stop.

• A security researcher discovered a vulnerability in Starbucks gift card hack that allowed unlimited fund transfer [Silicon Republic]
• Five Eyes Alliance (a global intelligence group comprises USA, UK, Canada, Australia, and New Zealand ) targeted app stores to plant malicious spyware [CBC news]
• IRS (United States Internal Revenue Service) hit by hackers, stealing details of 100,000 US taxpayers [Wired]
• GCHQ (UK Government Communications Headquarters) spied on Germany's Deutsche Telekom [Tripwire]

It is unfortunate that our world is becoming a live hive for hackers and spies with spy rings at legitimate businesses searching out the information they want.

Mobile users are particularly vulnerable to others listening to their conversations. Wireless, if you have the right tools, is open to any hacker who wants to monitor the airways. The CIA and other agencies have been monitoring communication for years. In the old days, it was called it espionage. Today, it is for business or entertainment purposes. To stop the intrusion, on the basic level, you can use protection software that deter people from get to your data nor being able to eavesdropping on your phone conversation.

Ever wonder how eavesdropping work?

Network eavesdropping, also known as network sniffing, is a technique of capturing and reading others’ user data content in the network environment. The targeted victim usually has no indication that something like that is happening. Via this technique, eavesdroppers can search for sensitive information like passwords, session tokens, or any confidential information. Such attacks are done by using tools called network sniffers. Telecom providers are pretty close to transport paths because they virtually own transportation cables and other infrastructure like routers, etc. Therefore, it is relatively easy for them to "eavesdropping" without raising any alert to unsuspecting customers.

Due to the passive, less invasive nature of network sniffing and its capability to operate in stealth mode, it has been often associated with hacking. Read this article from Udemy, an online learning platform, if you're interested in different applications of network sniffing, its common tools, and techniques.

SeaCat Mobile Secure Gateway is a snap-on armor for your mobile to IT infrastructure. To learn how you can protecting your information exchanged from/to your mobile devices, drop us a message at info@teskalabs.com.