How much gsm is vulnerable to hacker?

Global system for mobile communication GSM is EU network standard developed by European Telecommunication Standards Institute.

It is made to be immune to any kind hacker attacks by having user authentication with pre -shared key, challenge response and over – the-air encryption . But, there are several vulnerabilities that could be used to attack different part of the network.

The Universal Subscriber Identity Module presented in UMTS uses a longer authentication key that gives better security, and authenticate network and the user both, instead of GSM authentication  of only the user.

There are three known GSM cryptographic algorithms used for security, and those are A5/1, A5/2 and A5/3. A5/1 is the first and the stronger stream cypher, and it is used in EU and USA rather than the weaker one A5/2 which is used in other countries.

The both cyphers have weaknesses. The A5/2 can be hacked with ciphertext only attack and A5/1 with rainbow table attack  as presented in The Hacker Choice cracking project in 2007.

Since 2000, there were many attacks and efforts to crack the A5 algorithms . Karsten Nohl developed rainbow tables, and found new source for plain text attacks. He says that it is easy to crack the GSM network by building a full GSM interceptor from only open source components.

Nohl was able to intercept voice and text conversation using his old Motorola cellphone by impersonating another user to listen voice mail, making calls or sending text messages using a software from freeware site.

New attacks using wiretapping and eavesdropping techniques took advantage of weaknesses and poor GSM security to hijack the audio input and output giving third party abilities to listen to an conversation.

GSM has GPRS or General Packet Radio Service to transmit data like on the web. The GPRS cyphers were cracked in public in 2011.

The common cyphers used in GPRS are GEA/1 and GEA/2, which have flaws revealed by some researchers who published open source GPRS decode software for sniffing GPRS networks. Some carriers use GEA/0 cypher or unencrypted data traffic protocols which leaves the users unprotected from hacker attacks.

The hardest to break GPRS cypher, still remains GEA/3 and is in use in more modern networks, together with USIM and downgrade attacks users will be protected. Migration to even safer 128-bit GEA/4 system is a recommended choice to take.

GSM network is great network that could be standard for further development of newer mobile phone network technology. It is prone and vulnerable to hacker attacks and user tampering like spoofing, masking, cloning etc., even with protection and encryption of data with some of the three cypher methods. After a lot of research, practices and experience and developing of GEA/4 and other modern cypher methods,  GSM networks that use that, got more secure for all users.