The month of cross connections
As Rupert Murdoch's News Corp. prepares to shut down News of the World, the public is coming to grips with what, for many, is a new term: phone hacking.Updated: Jul 09, 2011 22:59 IST
As Rupert Murdoch's News Corp. prepares to shut down News of the World, the public is coming to grips with what, for many, is a new term: phone hacking. It's a bit of a misnomer: Hacking implies that a company's computer systems are breached, often when someone exploits a security problem in a system, as with Apple's security flaw in its PDF iOS.
But in the case of phone hacking, the perpetrators intercept messages by breaking into a particular voice-mail account.
Phone hacking, then, is not so much hacking as it is lying.
According to Hemanshu Nigam, a security expert at SPP Blue, one way to hack phone messages is by impersonating users and claiming to have forgotten or lost their passcodes.
Mobile providers can deter this by having their customer service departments ask tougher security questions, said Nigam, whose company trains firms and service representatives how to protect consumer data.
"It's a message to phone companies and the like who have to increase security training and awareness for call centre employees to ask more critical questions," he said.
To better screen out impersonators, Nigam suggested more complicated questions such as the names of streets where the caller has lived five years.
At many US companies, when a customer calls to reset their passcode, the new code is sent to a user's handset. That's a practice that should be more common, he said, because it needs hackers to have not only info on a user but also the physical phone.
Even with good security, however, it's hard to predict and prevent targeted attacks.
And as technology advances, companies and governments are going to run into more problems over how to deal with digital attacks, said Glenn Manishin, a technology lawyer at Washington law firm Duane Morris.
News of the World has said that its actions were improper and, by implication, illegal, Manishin said. He said that in the US, hacked users could probably sue a third party who had accessed their voicemails without permission.
"The laws lag behind the technology," said Manishin. "The status of a whole bunch of emerging technologies, including social media and voicemail, is unclear."
(In Exclusive Partnership with The Washington Post)