A senior consultant to the Department of Trade & Industry on telecoms security has warned an international conference that the introduction of third generation (3G) mobile telephone technology will expose the industry to criminal practices conducted via the Internet.
Charles Brookson, a DTI consultant, issued the warning at Crime 2000, a computer crime conference held last week and organised by the Association of Chief Police Officers and Federation of Communication Services. He said that because the system routes calls through the Web, telecommunications companies will have to deal with attacks from computer viruses and backdoor programmes - allowing hackers easy access to networks.
Other ways in which IT fraudsters could attack the system may focus on automatic directory enquiry services, where users can ask the phone to scan Web sites for information, which will be flashed up on a display, just as a PC user surfs the Net.
Because mobiles will automatically dial into a particular Web site if asked to supply certain information, hackers could place programmes on the Net that divert a mobile to an expensive premium rate line, without the caller realising it. Also, because the system is not based on telephone numbers, there could be additional problems for law enforcement authorities wishing to monitor calls. A check for a destination telephone number may only reveal an e-mail address, Brookson warned.
Another problem for police is that third generation phones will allow users to encrypt their messages until they reach their destination corporate network, instead of the local base station as at present. The new system will also allow encryption of calls between mobile networks.
"It's a much more difficult system than GSM from a security point of view," said Brookson.
On the other hand, fraudsters would be unable to illicitly penetrate the new system by setting up a false base station as is possible with existing GSM networks.