SIM cards new national security risk, warns MHA

priyanshuit's picture

New Delhi: Did you ever imagine that your innocent looking mobile SIM card could be a major threat to national security? It now turns out that many of the SIM cards being used by nearly 700 million mobile users in the country may have malevolent embedded software, which has put India’s security agencies on tenterhooks.

    This new national security risk emerging out of the import of SIM cards, carrying embedded software for mobile phones, has alarmed the home ministry (MHA) and it intends to ask the telecom industry to replace all such imported SIMs in the country with locally manufactured ones at their own cost.

    According to a government source, only 30% of the total volume of SIM cards are imported at present, though even this figure will now be subjected to a formal evaluation of installed capacity.

    The fear is that the embedded software turns the SIM card into a minicomputer, which can be a cause of abuse. The MHA feels that although domestic telecom service providers personalize the SIMs, which reduces the risk, the security threat gets aggravated as telcos then provide the encryption keys to the manufacturing facility outside India, as part of standard trade practice.

    The security agencies are proposing that only blank SIM cards be allowed for import and the personalization process be done entirely by domestic firms. Consultations are on with the DoT to establish the lead time required to create such capacity and indicate a specific time frame to the MHA.

    However, since this can only reduce vulnerability of future imports, MHA wants the industry to replace all existing SIMs at its own cost. The MHA also wants the DoT to weed out all fake and duplicate IMEI numbers, indicating that its earlier crackdowns have not been entirely successful.

Operators get deadline for Skype, BlackBerry info

    Telecom operators in consultation with providers of services like BlackBerry, Skype and Gtalk will have to inform the government by March 31 the deadlines by which the security agencies can intercept their services. “The home ministry has asked the DoT to ensure that all telecom operators submit their plans by the end of this month on when they can provide access to all services,” said a senior official.

Source: The Times of India.

Comments

Visitor's picture

valuable info

Ya really this is a risk. It is not secure.
This is a major problem. It is a valuable information.

Post new comment

The content of this field is kept private and will not be shown publicly.
5 + 3 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

About the Author

priyanshuit's picture

Name
priyanshu

Last Name
sahay

Gender
Male

Website / Blog
http://www.hackersonlineclub.com

About me
Myself PRIYANSHU. >> Certified Cyber Law Expert >> Certified Cyber Security Expert >> Certified Ethical Hacker >> Working on Cyber Security, Ethical Hacking, Investigation, VAPT, Web Designing. Catch Me On >> Facebook: http://www.facebook.com/priyanshu.it Twitter: http://twitter.com/priyanshu_itech Email: priyanshu@cyber-india.in

Location
Delhi

Recent comments