Phone hacking problems? Defense, intel agencies have an app for that

Several military and intelligence agencies are downloading an anti-hacking app to thwart call interceptions on smartphones, according to providers of the tool.

The software application, Cellcrypt Mobile, runs on commercial mobile devices, including Android, BlackBerry, iPhone and Nokia models. Unlike the hacks associated with Rupert Murdoch's news empire, the concern here is the breach of live audio transmissions, not stored voice mails.

“Most phones just don’t have voice security built in -- period,” said Kathleen Peters, Cellcrypt general manager for North America. One exception is the $3,150 BlackBerry-like Secure Mobile Environment Portable Electronic Device, or SMEPED, that is certified for Top Secret communications.

The somewhat less expensive $1,600 retail price Cellcrypt tool protects sensitive, unclassified international calls from U.S. troops serving two military branches, according to the company, which could not disclose the units for national security reasons. Peters said that Cellcrypt has made “small initial commercial sales to various military organizations” for “folks who are on special operations.”

Cellphone voice encryption typically requires inserting special hardware, but the app does not. “Irrespective of whether the phone has hardware to encrypt or not, you don’t have to worry, because encryption will be delivered through the app,” Peters said of her company’s technology.

U.S. intelligence agencies have opted to use an accessory that sits beside their landline phone systems, enabling operatives on cellphones to call into the office for voice mail or to speak with a supervisor, she said.

Cellcrypt and Verizon on April 30 announced a service coming this fall that will make it easier for federal agencies to obtain the app through their contracts with the telecommunications giant. The program already is available through government contractor Winvale.

Call security is critical for overseas military because mundane conversations overheard by foreign intelligence officers can be analyzed to discern U.S. strategies, company officials said.

Chatting about unusual weather in Afghanistan with comrades or even family members can convey the location of a regiment. “It may be a soldier phoning home and telling their loved ones, ‘I’ll be out for three weeks, so don’t worry about me.’ There could be calls about supplies coming in and out, which in a vacuum, in and of [themselves are] innocuous” but revealing in conjunction with other contextual information, Peters said.

“There are instructions not to discuss certain details on the phone, but what we’re told is that people do anyway,” she added.

Further complicating call security is the “bring your own device” push. For convenience and cost-efficiency, government and corporate offices are trying to partition employee-owned smartphones in a way that grants system administrators control over work data, while allowing employees’ personal usage to remain private. The Cellcrypt app accomplishes that maneuver by letting users turn the encryption on and off. The user must click on the app before dialing -- and the recipient must have the app installed on his or her phone too.

Users can tell they are on a secure call by the closed padlock icon that shows up on their screens. “Our app doesn’t take over your phone,” Peters said. “It doesn’t make all your messages or calls secure. It will have a unique graphical user interface. You will know whether you’re on a secure call or not.”