FW: Vodafone, Ericsson Get Hung Up In Greece's Phone-Tap Scandal

["Richard M. Smith" <rms () bsf-llc com>]

<http://online.wsj.com/article/SB115085571895085969.html?mod=todays_us_page_
one>
http://online.wsj.com/article/SB115085571895085969.html?mod=todays_us_page_o
ne
 

On the Hook
Vodafone, Ericsson Get Hung Up In Greece's Phone-Tap Scandal

Bugging of Nation's Leaders 
Points to Security Holes, 
Sets Off Multiple Probes
Technician's Mysterious Death
By CASSELL BRYAN-LOW
June 21, 2006; Page A1


ATHENS -- In early March 2005, George Koronias, Vodafone
<http://online.wsj.com/quotes/main.html?type=djn&symbol=VOD> Group PLC's top
executive here, contacted the Greek prime minister's office about an urgent
security matter. Vodafone's network in Greece had been infiltrated by
phone-tapping software targeting an elite group of cellphones: those
assigned to many of the country's leaders, including senior police and
defense officials, cabinet members and the prime minister himself.

The ensuing scandal -- which some investigators believe may also be linked
to the death of one Vodafone worker -- has shaken this nation in the wake of
one of its greatest sources of recent national pride: hosting the 2004
Olympic Summer Games. The bugging effort appears to have been active in the
weeks leading up to the August games and wasn't discovered for seven months,
potentially allowing eavesdropping on more than 100 cellphones, including
one linked to the U.S. Embassy in Athens, according to the Greek government.
The U.S. Embassy declined to comment.

It is proving to be a huge embarrassment to two of the biggest names in the
global cellphone industry -- Vodafone of the U.K., the world's biggest
cellphone-service provider by revenue, and its equipment supplier, Telefon
AB L.M. Ericsson of Sweden. Vodafone, as the license holder, could face
millions of euros in fines by Greek telecom regulators if, for instance, its
safeguards are found to be lax. The case also provides a rare window into
sophisticated bugging techniques and illustrates how eavesdroppers can
penetrate supposedly secure networks.

Much about the affair remains a mystery. Government prosecutors, who
continue to probe the matter, have yet to name any culprits. Nor have they
uncovered a motive for the software's installation or confirmed that
conversations were actually monitored.

It long has been possible to tap into an individual's cellphone
conversation. Law-enforcement officials commonly do this to keep tabs on
suspected criminals and terrorists, typically with court approval. What
makes the Greek affair unusual among cases that have come to light is that
the eavesdroppers apparently are unknown and the targets are government
officials.

Complicating matters is that hours before Mr. Koronias contacted the
government, one of his network managers, Costas Tsalikidis, was found dead
in his Athens apartment, hanging from a rope tied to pipes outside the
bathroom. Prosecutors believe there may be a link between Mr. Tsalikidis's
death and the bugging, according to a person familiar with the
investigation.

Mr. Tsalikidis's family members contend his death was not a suicide, as
Greek police initially ruled. They believe it is likely that 39-year-old Mr.
Tsalikidis, a technical expert, discovered the spy software. Mr. Tsalikidis
had been planning for a while to quit his Vodafone job but told his fiancée
not long before he died that it had become "a matter of life or death" that
he leave, says the family's lawyer, Themis Sofos, in an interview. She
pressed Mr. Tsalikidis for details, but he wouldn't expand, Mr. Sofos adds.

Newbury, England-based Vodafone, in a Feb. 3, 2006 statement, dismissed any
link between Mr. Tsalikidis's death and the phone tapping. Separately, it
also has denied it was involved in the bugging operation.

Ericsson, of Stockholm, which also denies any involvement, said
responsibility for network security lies with the customers that provide the
phone service.

For both companies, the scandal raises uncomfortable questions about the
ease with which such supposedly secure networks can be penetrated. Ericsson,
the world's largest maker of wireless network equipment -- roughly 40% of
the world's cellphone calls pass through its gear -- is a key partner for
Vodafone.

The events have caused a stir among Vodafone and Ericsson customers, leaving
both companies to field questions about what happened. Vodafone has launched
a recovery plan in Greece to rebuild its reputation, including advertising
campaigns and other communications with customers, suppliers and the
government.

 ... 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.