Research in Motion's resistance to giving governments access to its BlackBerry network misses a major point — authorities could probably hack the data on their own if they want it badly enough, security experts say. Indeed, a major attack against BlackBerry users by a telecom in the United Arab Emirates employed that very tactic a year ago, according to RIM. Experts say other malicious programs are likely to be lurking around, readying to be sprung. India, Lebanon, Saudi Arabia and the United Arab Emirates say they need RIM's cooperation so they can decode messages scrambled with BlackBerry's proprietary technology.
They have threatened to restrict RIM's operations if the company won't meet their demands, which they say are driven by national security concerns. But if RIM doesn't back down, the governments themselves could instead choose to hack into the BlackBerry network. “I could design a good hundred ways to gain access,” said Bruce Schneier, a security expert who is chief security technology officer for BT.
Officials with Canada's RIM did not respond to a request for comment. Security experts say they'd almost certainly attack at the network's most vulnerable points: the BlackBerry smartphone itself and the BlackBerry server. Those two pieces of equipment sit at either end of the network where they offer would-be hackers access to unscrambled data. Last year's attack in the UAE is a good example of how a hacker might work. It employed spyware created by SS8, a closely held U.S. security firm, RIM says.