Flaw in SIM encryption leaves millions of old phones at risk
The physical shape of SIM cards has changed a lot in only a few years, with the new Micro and Nano sizes being extremely small. A weakness in the encryption of older cards means that hackers could potentially control a phone in only two minutes.
Phones using the DES security standard – approximately 750 million of them – can be controlled by hackers, who can listen in on conversations, send SMS messages and even clone the entire card. While not entirely comforting for users of DES SIM cards, it seems that newer technologies cannot be controlled in the same way.
IBM’s Data Encryption Standard dates back to 1977, and brute force attacks have damaged its popularity. For the most part it has been superseded by the likes of Triple DES encryption, which you’re far more likely to find in use.
While inconvenient, there is little that can be done to prevent weaknesses being found. The possibility of this security loophole being fixed is not certain, so it could be a worthwhile endeavor to replace ancient SIM cards.