Mobile IoT Authors: Zakia Bouachraoui, Pat Romanski, Yeshim Deniz, Carmen Gonzalez, Liz McMillan

Blog Feed Post

Corporate Departments Left Open to Voice Call Interception despite Being "Prime Targets"

London, UK - 04 February 2010: Sensitive departments within organisations are being left vulnerable to mobile phone call interception. A recent survey conducted by ABI Research on behalf of Cellcrypt, (www.cellcrypt.com), the leading provider of secure mobile voice calling, found that fewer than one in five people in departments that handle sensitive information such as financial, legal and research and development have deployed some form of voice encryption solutions*.

The survey, conducted amongst 250 senior executives in both medium and large organisations showed that despite regularly discussing financial information (78%), employee data (66%), as well as IP (51%) and commercial secrets (50%), the majority of these conversations are unprotected despite over 80% of respondents believing mobile phones to be as vulnerable, if not more so, than e-mail communications if leaked. Of those who admitted to regularly discussing sensitive information, 80% believed, if leaked, this information would have a major impact on the organisation.

In addition to other interception methods such as man in the middle scams and on-device taps, the threat of mobile voice interception has intensified recently with the cracking of encryption on GSM mobile phone calls. In December, the Chaos Computer released the GSM Codebook, a large lookup table of pre-generated GSM encryption keys which allows hackers to rapidly crack A5/1 - the encryption standard for GSM mobile phone call security. Just two weeks later, leading cryptographer Adi Shamir, published a white paper detailing a practical method for cracking the next generation of encryption standard, A5/3, in less than two hours.

"The inherent insecurities of GSM encryption have been well publicised, even though most governments and enterprises have been aware of this threat for a while," said Simon Bransfield-Garth, CEO Cellcrypt. "However, this research shows there is still confusion out there about whom, when and how people should be protected from this threat. Organisations need to start taking serious steps to consider coherent security strategies that protect multiple weak spots against attack. This work needs to start sooner rather than later as standard GSM encryption becomes unreliable and open to easier interception within the next six months."

Despite 92% of respondents considering it the organisation's duty to provide employees with mechanisms to protect information or their own personal safety when travelling to high-risk areas, several admitted confusion over who was responsible, with Heads of IT, Security, Networking and Operations all being assigned responsibility**.

"Despite sometimes being viewed as something for the movies, crimes such as corporate espionage, kidnap for ransom and extortion by organised criminals can and do happen," commented Stuart Quick, Operations Manager at Henderson Risk Limited. "Mobile voice interception is one way in which these crimes can be facilitated. The increasing interception risk underlines the need for organisations to adopt a robust approach to securing these calls, especially when the senior managers in departments such as finance and legal are prime targets."

Notes to Editors

- The sample size was 250 senior executives
- The participation requirements were:
- Work for organisations that employ 100+ people
- Work for organisations whose employees use mobile phones for business purposes
- Work in IT, Telecom, Corporate Management, or Line of Business Management
- Very or extremely knowledgeable about the use of mobile phones by employees and
management level staff within their organisation
- All participants were based in the US
- The term 'large business' denotes any company with over 1,000 employees

*When asked whether senior managers in key departments use voice call encryption solutions for mobile phone voice calls, the survey found that just 13.5% of financial, 17.1% of legal and 18.3% of research and development departments had solutions deployed

**When asked who in their organisation is responsible for ensuring the security/preventing the interception of voice calls, 53% responded the Head of IT, 21% responded security, 7% responded Networking and 6% responded operations

# Ends #

About Cellcrypt
Cellcrypt is the leading provider of technology to secure mobile voice calls on everyday smartphones. Founded in 2005, Cellcrypt's R&D innovation resulted in Encrypted Mobile Content Protocol (EMCP), an Internet Protocol (IP) based technology that optimises delivery of encrypted data between mobile devices over wireless networks.

Cellcrypt's products are undergoing security certification to the FIPS 140-2 standard approved by the US National Institute of Standards and Technology (NIST), operate over data-enabled networks including 2G (GPRS/EDGE), 3G (HSPA, CDMA/EV-DO) and Wi-Fi®, and are optimised to run on Nokia® Symbian and BlackBerry® smartphones. Cellcrypt is a BlackBerry Alliance Partner and Inmarsat Connect Partner.

Today, Cellcrypt solutions are used routinely by governments, enterprises and senior-level executives worldwide. Cellcrypt is a privately-held, venture-backed company with headquarters in London, UK and offices in USA and Middle East.

For more information please visit: www.cellcrypt.com

For all media enquires please contact:

Cellcrypt Team
Grant Butler Coomber
E-mail: [email protected]
Tel: +44 (0)208 322 1922

Read the original blog entry...

More Stories By RealWire News Distribution

RealWire is a global news release distribution service specialising in the online media. The RealWire approach focuses on delivering relevant content to the receivers of our client's news releases. As we know that it is only through delivering relevance, that influence can ever be achieved.

IoT & Smart Cities Stories
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...