New Times,
New Thinking.

  1. Politics
  2. Media
20 December 2011

The ‘phone hacking’ was despicable, but it wasn’t hacking

Private investigators hired by tabloids were ‘blaggers’, not hackers.

By Jason Stamper

We now know that certain tabloids including the News of The World covertly gained access to the voicemails of all sorts of people, from celebrities, to the family of murdered schoolgirl Milly Dowler. It was, as Robert Jay Q.C. described in his opening submission to the Leveson Inquiry, a “fishing expedition”.

But while some have described the actions of the tabloids and the private investigators they hired as ‘hacking’, as far as we know thus far, it was nothing of the sort. What they did should really be described as communications interception, or if you want to use security parlance, default configuration attacks.

If the owner of a mobile phone does not set it up with a new voicemail password or PIN, it remains the default PIN set by the phone maker or telecoms operator. 1234, for example, or 0000. All that a private investigator then needs to listen to one’s voicemails is the mobile phone number itself, and for the owner not to have changed the PIN.

So what the private investigators did was ‘blag’ the mobile phone numbers of their intended victims, either through social engineering techniques where you persuade a helpful person to divulge a mobile number by pretending to be someone else, or simply by paying someone at the phone company to give it out.

Select and enter your email address Your weekly guide to the best writing on ideas, politics, books and culture every Saturday. The best way to sign up for The Saturday Read is via saturdayread.substack.com The New Statesman's quick and essential guide to the news and politics of the day. The best way to sign up for Morning Call is via morningcall.substack.com
Visit our privacy Policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications.
THANK YOU

That is not to say that what the tabloids and the private investigators they hired was not despicable, and the Notw‘s royal affairs editor Clive Goodman and private investigator Glenn Mulcaire may not be the only persons deemed by the courts to have also acted criminally.

There are techniques that can be used to hack into mobile phone conversations themselves and also to snoop on text messages sent via mobile phones. GSM interceptors can do exactly that, but these are not something someone with little more than ‘blagging’ skills would be able to deploy. Companies, more sophisticated hackers and even governments do use them, but we’re yet to hear evidence that these were used by the tabloids or private investigators under the Leveson Inquiry spotlight.

It’s scary enough that corporations and governments use sophisticated cybercrime techniques to bypass internet and communications security. It’s worth being that little bit more specific about the techniques that are being used in different situations, if we don’t want the general response to be, ‘there’s nothing I can do about my online security: if someone wants to hack my voicemails I am sure they could’.

When really the response in this instance, along with the outrage, might also be, ‘I should change my PIN’.

Jason Stamper is NS technology correspondent and editor of Computer Business Review.

Content from our partners
The Circular Economy: Green growth, jobs and resilience
Water security: is it a government priority?
Defend, deter, protect: the critical capabilities we rely on