By SHAUN WATERMAN
UPI Homeland and National Security Editor
Feb. 1, 2008
WASHINGTON, Feb. 1 (UPI) -- Wireless phone headsets of the kind beloved
by Wall Street executives and high-end law firms can be bugged by simple
off-the-shelf radio scanners unless they are encrypted.
"These guys are bugging their own office, essentially," security
consultant Doug Shields told United Press International.
He said that, for a recent client, he had used an inexpensive commercial
scanner capable of monitoring frequencies in the 900 MHz and 1.2 GHz
ranges, which is where many of the popular hands-free headsets operate.
He said the scanner could hear conversations inside buildings as far as
600 feet away. "Sometimes, when the other party has hung up, the
wireless connection remains open and you can hear what (the party at
your end) is saying afterwards."
>From a position across the street from his client's facility, he said,
the equipment was able to record conversations by employees, including
commercially sensitive information. "Some of this stuff, if you traded
on it, you'd never have to work again," said Shields, a partner in
Syracuse, N.Y.-based Secure Network Inc.
Scott Berinato, the executive editor of Chief Security Officer magazine,
told UPI he was aware of cases where the technique had been employed,
among others, for corporate espionage.
"Some are encrypted, most are not," he said of the commercially
available headsets. "The risk is (the difficulty involved in bugging
them) is reasonably trivial."
Subscribe to InfoSec News