Government communication illegally wiretapped in Greece
Over a 100 phone numbers of Greek Government officials were illegally wiretapped for 11 months, during and after the 2004 Olympic games. This was confirmed on 2 February 2006 by three ministers during the daily Greek government press conference.
The illegal wiretaps were discovered in March 2005 during a routine control at Vodafone, one of the main mobile providers in Greece. Those under surveillance included the Prime Minister, many ministers, the police, army and intelligence heads and headquarters, along with left wing political activists, journalists, and lawyers. The system was deactivated by the mobile operator too soon to trace the perpetrators, yet their approximate location was interpreted by some in the media as being suspiciously close to the US embassy in Athens.
The events received world-wide coverage yet most news agencies failed to highlight the technology policy implications of the affair. The illegal wiretaps used the "lawful interception subsystems" present in most telecommunication equipment that security services and law enforcement to listen to a live copy of every call. The perpetrators managed to bypass the authorisation mechanisms by technical means or or, more likely, by using an insider, then installed software on the control computers of Vodafone that redirected the monitored calls to a group of "shadow" pre-paid mobile phones, from which the conversations could be listened to and recorded. Traffic data including the location of the handsets under surveillance may also have been collected.
These interception interfaces first came to light in 2001, when they were standardised by the European Telecommunications Standard Institute (ETSI). Many specialists predicted that "surveillance by design" would introduce a systemic vulnerability into the communication infrastructure that would in time be inevitably abused. The Greek case confirms this grim prediction, yet no word has been spoken about reversing this trend.
The matter is now being investigated by the Greek justice, but polls reveal that many people are pessimistic about ever finding the perpetrators and are distrustful of the overall state of mobile phone privacy. The government is wary of blaming Vodafone for the security breach. If the operator had not raised the alarm no one would have ever known about the illegal wiretapping, the minister of Interior admitted.
The independent authority whose job it is to preserve the confidentiality of communications learnt of the case at the same time the journalists were briefed, nearly a year after the discovery and the deactivation of the monitoring operation. So far the response of the government has been to look at strengthening the legal apparatus to protect citizens against illegal wiretapping, without considering any of the technical telecommunication security options. As a Greek journalist remarked during a press conference, the current, already modern and sophisticated, legal apparatus seems to have failed at each and every stage.
Some translations of the Greek ministers' press conferences with a focus
on technical details
Some technical manuals of the Interception Management Systems and AXEs
from Ericsson (similar to the equipment used by Vodafone)
Greek Government Press Briefing (Greek only, 2.02.2006)
Wiretaps of phones and ministers (Greek only, 2.02.2006)
Athens Olympics phone tapping revealed (3.02.2006)
The ETSI Interception Dossiers (27.03.2001)
ETSI Lawful Interception Summary
The masts betrayed the bugs (Greek only, 13.02.2006)
Press Release - Authority for the assurance of the confidentiality of
communications (ADAE) (Greek only, 6.02.2006)
(Contribution by Dr George Danezis from Katholieke Universiteit Leuven)