Free Libyana: Gadaffi networkjacker speaks!

Abushagur tells The Reg how he nabbed a network


Ousama Abushagur stole a mobile phone network from Colonel Gadaffi's son, and has told El Reg how it was done and what the future holds for Free Libyana.

The Wall Street Journal covered the launch of Free Libyana yesterday, how the Libyana network was subverted and hijacked to serve the country without reference to Tripoli. That coverage provided great drama, but little in the way of technical details and a few inaccuracies that Abushagur would like to clear up: specifically the complete lack of governmental support he received, and the necessity for international calls to be routed through London's Docklands.

Despite these issues the Free Libyana network is now connecting 725,000 users across an area comparable in size to England, without having to build any network infrastructure or install base stations - all that was stolen from one of the existing operators, along with its customers.

Libya has two GSM networks; AL MADAR AL JADID and Libyana. The latter was selected not because it happens to be run by Gadaffi's son, but because its network infrastructure was well known and local engineers in Benghazi could be relied upon to help. Abushagur didn't steal the network alone, but he did come up with the idea and raise the money to make it happen.

The London routing happens because the satellite connectivity for international calling is being leased from the IDT Corporation. IDT provides per-minute billing, via pre-paid cards, for connections from Benghazi to London's Telehouse and from there to the rest of the world - at least the parts of it that accept the existence of the Free Libyana network.

The WSJ faithfully quoted a Benghazi official who claimed the UAE government and its operator Etisalat provided vital support for the project, along with the government of Qatar, but Abushagur is having none of it. "I wish they did [provide support]," he told us. "If one of them could have waved a flag we might not have been stuck in Egyptian customs for more than a week."

When we spoke last night Etisalat was not even routing calls onto the Free Libyana network, though this morning that seems to have improved as more operators start routing calls to the new operator. But what's most annoyed Abushagur and the others involved is the inference that governments might have contributed financially to the creation of Free Libyana.

"We raised all the money from Libyans who could see it was important. We're still waiting for all the money and equipment [media reports] say we have received."

That money was spent on equipment, primarily a Home Location Register (HLR) bought from Tecore Networks. Every mobile network has one HLR, which tracks every mobile phone so it knows where calls should be routed. When Free Libyana set up in Benghazi the local Libyana engineers provided access to the VLRs (Visitor Location Register) which provide details of nearby handsets. That data was then used to populate the new HLR and get things up and running.

That enables Free Libyana users to keep their existing phone numbers - important when you're trying to track down friends and family - but it also means that all the communication over Free Libyana is entirely unencrypted.


Other stories you might like

  • Inside the RSAC expo: Buzzword bingo and the bear in the room
    We mingle with the vendors so you don't have to

    RSA Conference Your humble vulture never liked conference expos – even before finding myself on the show floor during a global pandemic. Expo halls are a necessary evil that are predominatly visited to find gifts to bring home to the kids. 

    Do organizations really choose security vendors based on a booth? The whole expo hall idea seems like an outdated business model – for the vendors, anyway. Although the same argument could be made for conferences in general.

    For the most part, all of the executives and security researchers set up shop offsite – either in swanky hotels and shared office space (for the big-wigs) or at charming outdoor chess tables in Yerba Buena Gardens. Many of them said they avoided the expo altogether.

    Continue reading
  • CISA and friends raise alarm on critical flaws in industrial equipment, infrastructure
    Nearly 60 holes found affecting 'more than 30,000' machines worldwide

    Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers. 

    Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries. 

    The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.

    Continue reading
  • Cisco EVP: We need to lift everyone above the cybersecurity poverty line
    It's going to become a human-rights issue, Jeetu Patel tells The Register

    RSA Conference Exclusive Establishing some level of cybersecurity measures across all organizations will soon reach human-rights issue status, according to Jeetu Patel, Cisco EVP for security and collaboration.

    "It's our civic duty to ensure that everyone below the security poverty line has a level of safety, because it's gonna eventually get to be a human-rights issue," Patel told The Register, in an exclusive interview ahead of his RSA Conference keynote. 

    "This is critical infrastructure — financial services, health care, transportation — services like your water supply, your power grid, all of those things can stop in an instant if there's a breach," he said. 

    Continue reading

Biting the hand that feeds IT © 1998–2022