Libyan network hijacked for rebel cause

Dial 'R' for Rebel


A Libyan mobile network has been hijacked by the rebels, who had been reduced to communicating by semaphore, but can now get interrupted by an incoming call like the rest of us.

The network, dubbed "Free Libyana", consists of infrastructure bussed in from the UAE and jacked into the existing cellular infrastructure. Free Libyana is still pretty basic, but is providing vital communication to key personnel as envisioned by Ousama Abushagur, a telecoms executive living in Abu Dhabi, and reported by the Wall Street Journal.

Abushagur was concerned because he could see that communications were critical to any military operation, and that government forces were switching off parts of the cellular network prior to attacks and jamming the frequencies used by satellite phones. Radios can provide point-to-point communications, but Libya has a national cellular network, so he plotted a way to make use of that.

Not that building a new mobile network comes cheap – despite Abushagur's design being sketched out on a napkin he still had to raise millions of dollars to pay for the kit. It's also hard to buy that kind of thing, so support from Qatar and UAE administrations, as well as Etisalat, was essential as the rebels would have struggled to find a supplier without it.

The supplier remains nameless for political reasons, but we do know it isn't Huawei, as the Chinese company (who supplied the infrastructure for the network being hijacked) refused to get involved.

The kit, along with three Libyan and four western engineers, set up camp in Benghazi and are working with locals they managed to hive off a significant proportion of the Libyana network. The rest of that network is still up, and happens to be managed by Gadhafi's son (radio spectrum is a terrific thing for despots to hand over to relatives, few people notice the nepotism until it's too late).

Mobile networks tend towards a hub-based architecture for simplicity (the hub being in government-held Tripoli in this case), so it's an impressive achievement to acquire control over significant parts of the network and integrate them into a separate hub. Modern networks do try to achieve some level of local autonomy, for resilience and load balancing, but Libyana shows every sign of having been entirely based around a single hub.

Equally impressive is the political achievement. This would have been impossible without the support of the surrounding countries, both in terms of logistics and interconnection, not to mention billing.

Like all cellular networks Free Libyana is still struggling with its billing system: international calls are billed by Etisalat (and pre-paid: one can never tell when a customer is going to disappear) while local calls are free. But at least those wanting to speak to the rebels can give them a call, rather than relying on dropping spies from helicopters only for them to be captured by local farmers. ®


Other stories you might like

  • Inside the RSAC expo: Buzzword bingo and the bear in the room
    We mingle with the vendors so you don't have to

    RSA Conference Your humble vulture never liked conference expos – even before finding myself on the show floor during a global pandemic. Expo halls are a necessary evil that are predominatly visited to find gifts to bring home to the kids. 

    Do organizations really choose security vendors based on a booth? The whole expo hall idea seems like an outdated business model – for the vendors, anyway. Although the same argument could be made for conferences in general.

    For the most part, all of the executives and security researchers set up shop offsite – either in swanky hotels and shared office space (for the big-wigs) or at charming outdoor chess tables in Yerba Buena Gardens. Many of them said they avoided the expo altogether.

    Continue reading
  • CISA and friends raise alarm on critical flaws in industrial equipment, infrastructure
    Nearly 60 holes found affecting 'more than 30,000' machines worldwide

    Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers. 

    Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries. 

    The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.

    Continue reading
  • 1Password's Insights tool to help admins monitor users' security practices
    Find the clown who chose 'password' as a password and make things right

    1Password, the Toronto-based maker of the identically named password manager, is adding a security analysis and advice tool called Insights from 1Password to its business-oriented product.

    Available to 1Password Business customers, Insights takes the form of a menu addition to the right-hand column of the application window. Clicking on the "Insights" option presents a dashboard for checking on data breaches, password health, and team usage of 1Password throughout an organization.

    "We designed Insights from 1Password to give IT and security admins broader visibility into potential security risks so businesses improve their understanding of the threats posed by employee behavior, and have clear steps to mitigate those issues," said Jeff Shiner, CEO of 1Password, in a statement.

    Continue reading

Biting the hand that feeds IT © 1998–2022