The Swiss connection shines phone spotlight on US tourists

Unforeseen dangers of Swiss pre-paid phone deals...


Today's mobile phone terror scare story has the virtue of being real, but unfortunately only sort of. An Associated Press item (free registration required) cites Swiss newspaper reports that 'anonymous' mobile phone cards have been linked by Swiss investigators to Al Qaeda.

A good trick, if the card is really anonymous, but you can see - and if you can't, we shall tell - how anonymity can be compromised. 'Pay as you go' mobile phone systems are fairly common, ones that you can use internationally less so (but still quite common), and ones you can buy for cash, no questions asked, are rather uncommon. But you can get them in Switzerland, hence the claimed attraction of the country's kiosks to terrorist quartermasters.

But one might speculate that terrorists smart enough to know this might also be smart enough to conclude that the CIA is also smart enough to know this. So, if a Swiss pay as you go system is being used around Europe, it's probably safe enough for the user, because the user is likely to be Swiss, or indeed an American tourist (of which more shortly). But if a Swiss pay as you go system turned up in operation in, say, Pakistan, then it is to be expected that alert lights will go off, the phone's location will be tracked, and the security services will move in. American tourists using Swiss pay as you go systems in Pakistan, you have been warned.

A terrorist thinking straight would surely not do such a thing, but we accept that people do make mistakes. The Swiss papers, reports AP, speculated at a spokeswoman that the Swiss connection might have led to the arrest of Al Qaeda leading light Khalid Shaikh Mohammed, the spokeswoman declined to comment.

But whether or not that's how he got pinched, it's a possibility the thinking terrorist will surely consider when planning future activities, and the Swiss Federal Prosecutor's Office describes Switzerland as "a real paradise" for terrorists, drug dealers and sundry criminals. And war criminals hoarding Nazi gold? No, she doesn't seem to have mentioned this.

Rewind, though - how hard is it to get an anonymous mobile phone? Here in the UK many of these are in use, by what we call "teenagers." Hunt around for "prepaid SIM" (Subscriber Identity Module) and you will find numerous outfits in the US selling such things, the point being that for $99.95 or so US citizens traveling abroad can set themselves up with an operational phone system they can use without having to be worried about the bills. Which is both sensible and legal.

We're particularly taken with Telestial, a company that clearly loves its business and does its homework. Note that on this page, which is a history of prepaid SIMs, a notorious soft-on-terror nation is revealed as having twigged the potential early:

"The French secret service objected to the fact that there were unregistered phone numbers. Further they believed that the product would be abused by terrorists and other criminals. Consequently, you have to present a valid ID card and register your name, address etc, when you buy a Mobicarte."

So in France it's now about as hard as buying lethal weaponry.

Telestial sells pre-paid SIMs for a very wide range of countries, and its explanation of "Why prepaid?" points out that you avoid the contracts, the credit check, the monthly bill, and the wait. Which of course you can. You can't avoid giving a delivery address and credit card details either here or in the numerous other online international prepaid SIM sales sites, but these are not major obstacles for your thinking international criminal. Credit cards and addresses can become invalid, and the discerning terrorist will use a difficult to trace mobile for a specific operation, then discard it for another. We very much doubt that it is absolutely impossible to get a cash, no-ID SIM rated for international in somewhere other than Switzerland, and no doubt somebody will shortly tell us where, and how.

No doubt also the Swiss will at some point soon abandon anonymity, but that will make no great difference - if anything, it will merely impede the capture of the more stupid class of terrorist. Eliminating phones whose subscribers can't be readily traced is a much bigger hill to climb, given that pre-paid is an important sales category for the networks, and is therefore a problem that exists everywhere. If indeed you could call it a problem. Your call, Feds. ®

Similar topics

Broader topics


Other stories you might like

  • Meet Wizard Spider, the multimillion-dollar gang behind Conti, Ryuk malware
    Russia-linked crime-as-a-service crew is rich, professional – and investing in R&D

    Analysis Wizard Spider, the Russia-linked crew behind high-profile malware Conti, Ryuk and Trickbot, has grown over the past five years into a multimillion-dollar organization that has built a corporate-like operating model, a year-long study has found.

    In a technical report this week, the folks at Prodaft, which has been tracking the cybercrime gang since 2021, outlined its own findings on Wizard Spider, supplemented by info that leaked about the Conti operation in February after the crooks publicly sided with Russia during the illegal invasion of Ukraine.

    What Prodaft found was a gang sitting on assets worth hundreds of millions of dollars funneled from multiple sophisticated malware variants. Wizard Spider, we're told, runs as a business with a complex network of subgroups and teams that target specific types of software, and has associations with other well-known miscreants, including those behind REvil and Qbot (also known as Qakbot or Pinkslipbot).

    Continue reading
  • Supreme Court urged to halt 'unconstitutional' Texas content-no-moderation law
    Everyone's entitled to a viewpoint but what's your viewpoint on what exactly is and isn't a viewpoint?

    A coalition of advocacy groups on Tuesday asked the US Supreme Court to block Texas' social media law HB 20 after the US Fifth Circuit Court of Appeals last week lifted a preliminary injunction that had kept it from taking effect.

    The Lone Star State law, which forbids large social media platforms from moderating content that's "lawful-but-awful," as advocacy group the Center for Democracy and Technology puts it, was approved last September by Governor Greg Abbott (R). It was immediately challenged in court and the judge hearing the case imposed a preliminary injunction, preventing the legislation from being enforced, on the basis that the trade groups opposing it – NetChoice and CCIA – were likely to prevail.

    But that injunction was lifted on appeal. That case continues to be litigated, but thanks to the Fifth Circuit, HB 20 can be enforced even as its constitutionality remains in dispute, hence the coalition's application [PDF] this month to the Supreme Court.

    Continue reading
  • How these crooks backdoor online shops and siphon victims' credit card info
    FBI and co blow lid off latest PHP tampering scam

    The FBI and its friends have warned businesses of crooks scraping people's credit-card details from tampered payment pages on compromised websites.

    It's an age-old problem: someone breaks into your online store and alters the code so that as your customers enter their info, copies of their data is siphoned to fraudsters to exploit. The Feds this week have detailed one such effort that reared its head lately.

    As early as September 2020, we're told, miscreants compromised at least one American company's vulnerable website from three IP addresses: 80[.]249.207.19, 80[.]82.64.211 and 80[.]249.206.197. The intruders modified the web script TempOrders.php in an attempt to inject malicious code into the checkout.php page.

    Continue reading

Biting the hand that feeds IT © 1998–2022