Computer Weekly can reveal how a tabloid newspaper might have hacked into Prince Charles' mobile phone. The same system could be used to steal corporate information, according to security expert Matt Lambert.
A US-based service, www.Spoofcard.com, allows anyone to make a phone call and disguise their Call Line ID (CLI) with any number they choose. By calling Prince Charles' mobile phone, and using Spoofcard to mimic Charles' phone's CLI, they could be put through to his voice messaging service. The service would then have recognised the CLI, and would automatically put the reporter through to Charles' voice messages, which he would be able to download and record.
Unified communications security expert Matt Lambert, at Avanquest, warned that mobile voice messaging exposes corporations to massive security risks. "I am particularly against businesses relying on mobile voice mail. There is a lot to fear. The only thing you will not fall foul of is compliance regulations, but that is because the regulations are so vague," said Lambert.
Lambert said anyone could use the technology to exploit the security vulnerability which is common to all mobile phone voice messaging systems.
In January 2007, News of the World editor Andy Coulson resigned over the royal phone tapping scandal, while the phone tapping journalist Clive Goodman was jailed for six months.
Comment on this article: firstname.lastname@example.org