On the Hook
Vodafone, Ericsson Get Hung Up
In Greece's Phone-Tap Scandal Bugging of Nation's Leaders Points to
Security Holes, Sets Off Multiple Probes Technician's Mysterious
Death
http://online.wsj.com/article/SB115085571895085969.html
By
CASSELL BRYAN-LOW
June 21, 2006; Page A1
ATHENS -- In early March 2005, George Koronias,
Vodafone Group
PLC's top executive here, contacted the Greek prime minister's office
about an urgent security matter. Vodafone's network in Greece had been
infiltrated by phone-tapping software targeting an elite group of
cellphones: those assigned to many of the country's leaders, including
senior police and defense officials, cabinet members and the prime
minister himself.
The ensuing scandal -- which some investigators believe may also be
linked to the death of one Vodafone worker -- has shaken this nation in
the wake of one of its greatest sources of recent national pride: hosting
the 2004 Olympic Summer Games. The bugging effort appears to have been
active in the weeks leading up to the August games and wasn't discovered
for seven months, potentially allowing eavesdropping on more than 100
cellphones, including one linked to the U.S. Embassy in Athens, according
to the Greek government. The U.S. Embassy declined to comment.
It is proving to be a huge embarrassment to two of the biggest names in
the global cellphone industry -- Vodafone of the U.K., the world's
biggest cellphone-service provider by revenue, and its equipment
supplier, Telefon AB L.M. Ericsson of Sweden. Vodafone, as the license
holder, could face millions of euros in fines by Greek telecom regulators
if, for instance, its safeguards are found to be lax. The case also
provides a rare window into sophisticated bugging techniques and
illustrates how eavesdroppers can penetrate supposedly secure
networks.
Much about the affair remains a mystery. Government prosecutors, who
continue to probe the matter, have yet to name any culprits. Nor have
they uncovered a motive for the software's installation or confirmed that
conversations were actually monitored.
It long has been possible to tap into an individual's cellphone
conversation. Law-enforcement officials commonly do this to keep tabs on
suspected criminals and terrorists, typically with court approval. What
makes the Greek affair unusual among cases that have come to light is
that the eavesdroppers apparently are unknown and the targets are
government officials.
Complicating matters is that hours before Mr. Koronias contacted the
government, one of his network managers, Costas Tsalikidis, was found
dead in his Athens apartment, hanging from a rope tied to pipes outside
the bathroom. Prosecutors believe there may be a link between Mr.
Tsalikidis's death and the bugging, according to a person familiar with
the investigation.
Mr. Tsalikidis's family members contend his death was not a suicide, as
Greek police initially ruled. They believe it is likely that 39-year-old
Mr. Tsalikidis, a technical expert, discovered the spy software. Mr.
Tsalikidis had been planning for a while to quit his Vodafone job but
told his fiancée not long before he died that it had become "a
matter of life or death" that he leave, says the family's lawyer,
Themis Sofos, in an interview. She pressed Mr. Tsalikidis for details,
but he wouldn't expand, Mr. Sofos adds.
Newbury, England-based Vodafone, in a Feb. 3, 2006 statement, dismissed
any link between Mr. Tsalikidis's death and the phone tapping.
Separately, it also has denied it was involved in the bugging
operation.
Ericsson, of Stockholm, which also denies any involvement, said
responsibility for network security lies with the customers that provide
the phone service.
For both companies, the scandal raises uncomfortable questions about the
ease with which such supposedly secure networks can be penetrated.
Ericsson, the world's largest maker of wireless network equipment --
roughly 40% of the world's cellphone calls pass through its gear -- is a
key partner for Vodafone.
The events have caused a stir among Vodafone and Ericsson customers,
leaving both companies to field questions about what happened. Vodafone
has launched a recovery plan in Greece to rebuild its reputation,
including advertising campaigns and other communications with customers,
suppliers and the government.
Ericsson says it has checked the networks of the three other Greek
cellphone-service providers that use its equipment as well as a number of
other customers world-wide and hasn't found traces of this type of
illegal bugging software. "As far as Ericsson knows, this is a
unique incident," it said in a statement. Vodafone spokesman Ben
Padovan said: "We have never discovered anything like this before or
since."
Some experts and politicians say the operation appears to be the work of
foreign intelligence agencies, given its sophistication. The
eavesdroppers were able to gain access both to Vodafone's networks and to
someone with intimate knowledge of Ericsson's software. And they had the
significant resources required to develop and test the rogue software,
the experts say. Technical experts probing the matter have also found
links between the bugging software and various overseas telephone numbers
in the U.S., the United Kingdom and elsewhere.
The 2004 Summer Games came at a time of particularly heightened concern
among intelligence agencies in Greece, the U.S. and elsewhere about
possible terrorist attacks.
Behind the Operation
Behind the bugging operation were two pieces of sophisticated
software, according to Ericsson. One was Ericsson's own, some basic
elements of which came as a preinstalled feature of the network
equipment. When enabled, the feature can be used for lawful interception
by government authorities, which has become increasingly common since the
Sept. 11 terror attacks. But to use the interception feature, operators
like Vodafone would need to pay Ericsson millions of dollars to purchase
the additional hardware, software and passwords that are required to
activate it. Both companies say Vodafone hadn't done that in Greece at
the time.
The second element was the rogue software that the eavesdroppers
implanted in parts of Vodafone's network to achieve two things: activate
the Ericsson-made interception feature and at the same time hide all
traces that the feature was in use. Ericsson, which analyzed the software
in conjunction with Greece's independent telecom watchdog, says it didn't
design, develop or install the rogue software.
The software allowed the cellphone calls of the targeted individuals to
be monitored via 14 prepaid cellphones, according to the government
officials and telecom experts probing the matter. They say when calls to
or from one of the more than 100 targeted phones were made, the rogue
software enabled one of the interceptor phones to be connected
also.
The interceptor phones likely enabled conversations to be secretly
recorded elsewhere, the government said during a February 2006 news
conference. At least some of the prepaid cellphones were activated
between June and August 2004. Such cellphones, particularly when paid for
in cash, typically are harder to trace than those acquired with a monthly
subscription plan.
Vodafone claims it didn't know that even the basic elements of the legal
interception software were included in the equipment it bought. Ericsson
never informed the service provider's top managers in Greece that the
features were included nor was there a "special briefing" to
the relevant technical division, according to a Vodafone statement in
March.
But Ericsson's top executive in Greece, Bill Zikou, claimed during
parliamentary-committee testimony that his company had informed Vodafone
about the feature via its sales force and instruction manuals.
Vodafone and Ericsson discovered something was amiss in late January 2005
when some Greek cellphone users started complaining about problems
sending text messages. Vodafone asked Ericsson to look into the issue.
Ericsson's technicians spent several weeks trying to figure out the
problem, with help from the equipment maker's technical experts at its
headquarters in Sweden. In early March of that year, Ericsson's
technicians told Vodafone's technology director in Greece of their
unusual discovery about the cause of the problems: software that appeared
to be capable of illegally monitoring calls. It's unclear exactly how the
rogue software caused the text-messaging problem.
Ericsson confirmed the software was able to monitor calls, and Vodafone
soon discovered that the targeted phones included those used by some of
the country's most important officials. On March 8, Mr. Koronias ordered
that the illegal bugging program be shut down, in a move he has said was
made to protect the privacy of its customers. He called the prime
minister's office the next evening.
The head of Greece's intelligence service, Ioannis Korantis, said in
testimony before the parliamentary committee last month that Vodafone's
disabling of the software before authorities could investigate hampered
their efforts. "From the moment that the software was shut down, the
string broke that could have lead us to who was behind this," he
said. Separately, he distanced his own agency from the bugging effort,
saying it didn't have the technical know-how to effectively monitor
cellphone calls.
Hours before Mr. Koronias contacted the prime minister's office on March
9, Mr. Tsalikidis's mother discovered her son dead in his modest
apartment in a residential neighborhood in northwest Athens.
His family says Mr. Tsalikidis, who liked to travel and collect vintage
rock records, was a generally cheerful man with a mathematical bent who
was due to be married to his long-term girlfriend just months later.
Among the details of his death they consider suspicious are the lack of a
suicide note and the expertly tied knots in the white rope he was found
hanging from.
Mr. Tsalikidis's job entailed helping design the company's high-speed
mobile network. According to Mr. Sofos, the family attorney, his work
notebooks show he had been looking into a text-messaging problem on the
network shortly before the bugging software was discovered. It is unclear
from his notebooks if that was related to the initially reported
text-messaging problem that Vodafone asked Ericsson to look
into.
Ioannis Diotis, a well-respected prosecutor known for his antiterrorist
work, has been investigating the death since earlier this year. As part
of a broader criminal probe into whether the country's
communications-privacy and espionage laws were broken, he is
investigating potential links between Mr. Tsalikidis's death and the
bugging, according to the person familiar with the investigation. Mr.
Diotis just finished his report, this person said, which was expected to
suggest there are links between the two events. It is unclear, however,
whether he has found sufficient evidence to conclude it was
murder.
Under Wraps
The government kept the scandal under wraps for almost a year. But in
February, after the government concluded its own preliminary
investigation, several government ministers held a news conference to
reveal the breach. They said that in addition to Greek Prime Minister
Kostas Karamanlis, the bugging also targeted Greek cabinet ministers,
senior military officers and the mayor of Athens, among others. The
government didn't respond to repeated requests for further comment, but
has said that the highly technical nature of the case and the fact that
it had to conduct its initial investigation in secrecy slowed down its
efforts to find the culprit.
The disclosure sparked a massive public outcry and a number of other
investigations, including one by the state-funded telecommunications
watchdog, the Authority for the Information and Communication Security
and Privacy, or ADAE. While it's still unclear when the spy software was
installed, ADAE's experts say it was definitely in place by late January
2005, when unspecified modifications were made by the eavesdroppers via
one of Vodafone's switching centers. These centers -- typically large,
security-protected buildings -- house the software that connects
calls.
The modifications are a key focus of a preliminary report by the telecoms
watchdog. The report concludes that the changes were made by someone with
authorized access to Vodafone's networks. The modifications "took
place either through the internal network of Vodafone or through a
physical presence" at the switching center, the report said,
prompting some to suspect Vodafone employees played a part.
Based on the findings by the telecoms watchdog to date, "there is no
doubt that personnel of Vodafone were involved," says Miltiades
Evert, a member of parliament for the ruling New Democracy party who also
sits on the committee investigating the affair. "How many there were
and which rank, nobody knows."
If the ADAE finds Vodafone to be in violation of certain conditions of
its license, such as securing the privacy of communications, Greek
regulators could levy multimillion-euro fines and even revoke the
company's license. The ADAE, which declined to comment, is continuing its
probe and is expected to deliver a final report in the coming
weeks.
ADAE's technical experts also note that the rogue software was so
sophisticated it would have required testing in a center fitted with
Ericsson equipment, which can be purchased but isn't easily set up.
"Ericsson cannot be unaware of who has this special
capability," said ADAE President Andreas Lambrinopoulos during
parliamentary-committee testimony last month. "There are few people
in the world that can do something like this."
Ericsson says there are a number of people with specialized knowledge of
its systems. These include some current and former Ericsson employees,
experienced consultants and specialists that are working or have worked
at its customers.
ADAE's technical experts also say the interceptor phones were in contact
via phone calls and text messages with various overseas destinations,
namely the U.S., including Laurel, Md., the U.K., Sweden and Australia,
according to the ADAE preliminary report. Some of these calls and
messages were initiated and received directly from the 14 interceptor
phones and some were relayed via a second group of at least three other
prepaid phones that also were in contact with the 14 interceptor
phones.
Some Greek politicians note that one of the U.S.'s principal spy
agencies, the National Security Agency, is based near Laurel, Md. The
agency recently has been in the spotlight, with some members of the U.S.
Congress criticizing the Bush administration for monitoring, without a
warrant, calls between people in the U.S. and suspected terrorists
overseas. Agency spokesman Don Weber said the "NSA takes its legal
responsibilities seriously and operates within the law." As for
whether the NSA or other U.S. authorities were involved in the Greek
incident, he said the agency doesn't "discuss ongoing or pending
investigations."
---------------------------------------------------------------------------=
-------------------------
We Expertly Hunt Real Spies, Real Eavesdroppers, and Real
Wiretappers.
---------------------------------------------------------------------------=
-------------------------
James M. Atkinson
Phone:
(978) 546-3803
Granite Island
Group
Fax:
(978) 546-9467
127 Eastern Avenue
#291
Web:
http://www.tscm.com/
Gloucester, MA
01931-8008
Email:
mailto:jm..._at_tscm.com<=
/a>
---------------------------------------------------------------------------=
-------------------------
World Class, Professional, Ethical, and Competent Bug Sweeps, and
Wiretap Detection using Sophisticated Laboratory Grade Test
Equipment.
---------------------------------------------------------------------------=
-------------------------
Received on Sat Mar 02 2024 - 00:57:15 CST