Don’t believe cell phones insure privacy

Korea’s National Intelligence Service might insist that it is difficult to monitor cell phone conversations, but anyone who believes that is being naive, telecommunications experts say. Whether it involves cell phones, instant text messages or e-mail, no form of electronic communication is secure against eavesdropping, experts contend. After it was revealed two weeks ago that the nation’s spy agency had routinely taped private conversations between powerful figures in the 1990s, the agency said that it was not able to listen in on cell phone conversations. According to Bruce Schneier, founder and chief technology officer of California-based Couterpane Internet Security Inc., such a claim is “the standard defense” by officials. “When cell phones were first released, the manufacturers said eavesdropping wouldn’t be a problem because scanners were expensive and rare,” he said in an e-mail interview with the JoongAng Ilbo. “And guess what? Over the years, scanners, digital and analog, became cheaper, smaller, simpler and more plentiful.” Mr. Schneier said that only a scanner and a computer would be required to listen in on cell phone conversations. Nam Hyung-jong, an official with Korea’s security firm Goldstar Security System Co., said there is no communication method that cannot be monitored. “Only the costs and required technical expertise prevent those other than law enforcement agencies and government bodies from wiretapping,” he said. Mr. Nam said a Russia-based eavesdropping equipment manufacturer recently offered his company an interceptor for cell phone signals in code division multiple access, or CDMA, which is used by some 38 million cell phone customers in Korea. The machine, he was told, can listen in on up to 12 different lines at once and retails for 760 million won ($751,000). “I heard the Russian intelligence community is using the CDMA technology on suspected terrorists,” Mr. Nam said. Homeland Security Strategies, a division of a top U.S. manufacturer called the Security Intelligence Technology Group, is offering on its Internet site eavesdropping equipment for CDMA cell phones. Dubbed “G-Com 2066 CDMA,” the machine is able to intercept, record and play back cell phone conversations in a CDMA mobile phone network and capture text message data. According to the Web site, G-Com 2066 CDMA is to be used by law enforcement and government agencies to monitor and store cell phone conversations of suspected criminals. The technology for wiretapping on regular, land-line telephones has also significantly improved. Previous methods required physical installations of eavesdropping equipment on the telephone, but new techniques have emerged that use a laser beam, which is shot through the window of an interception object to detect any vibrations or tremors, and an amplifier that is mounted near phone lines on telephone poles to catch all signals. Communications through e-mail and instant messaging are no less vulnerable to wiretaps. “With information on a user’s e-mail ID and Internet protocol (IP) address, reading that person’s e-mail messages is a piece of cake,” a security expert said on the condition of anonymity. “You can get IP addresses through simple hacking or directly from e-mail service providers.” The online eavesdropping is considered much less difficult than traditional wiretapping because it does not require extra equipment beyond computers and is not restricted by location or time zones. In fact, a number of local companies are said to be monitoring e-mail messages or instant messenger contents written and received by their employees to prevent leaks of confidential corporate information. Law enforcement agencies are also expected to adopt similar monitoring of computer conversations soon. In February, the Supreme Public Prosecutors Office said it would consider creating a system to enable criminal investigators to conduct round-the-clock surveillance of all activities on certain Web sites, including popular community portals. When completed, the prosecutors’ system would allow 24-hour monitoring of about 300 Web sites that the office had designated as warranting continuous observation and have the capacity to compile lists of frequent visitors to these sites, and then to find their online IDs and IP addresses. All of this could be done without the assistance of telecommunications firms. An official with an information technology company that was bidding for the project said other investigative bodies are expressing interest in the system. As a result of the growing concern about wiretaps, domestic security companies are enjoying a surge in business. Mr. Nam of Goldstar Security System said the number of Seoul-based companies that help detect and prevent further wiretapping has grown from four to 12 after the eavesdropping scandals involving the National Intelligence Service. An official with one of the security companies said that for the first half of the year, his company received on average, four requests per week to check for possible eavesdropping, but is now accepting three calls per day. For Korea’s large companies, it has become common to inspect for the installation of wiretapping equipment before conducting seminars and conferences. Some have included in their company policies a section that calls for checks for potential bugging on a regular basis. Even foreigners are not safe from wiretaps here. In May, Korea Exchange Bank suspended an executive after he had a secret camera installed in the office of Richard Wacker, the bank’s chief executive officer. by Lee Chul-jae, Chang Chung-hoon