The Current State of GSM
Many people assume that the communication of their mobile devices is secure because the system is relatively modern and widely deployed. GSM security, however, has been dealt several severe blows over the past decade as vulnerabilities were found in various elements of the infrastructure. Each of these vulnerabilities now has equipment built to exploit it, including recent developments that put GSM call decryption within reach of anyone with a laptop. There are three main classes of vulnerability in GSM: SIM cloning/spoofing, mobile tower spoofing and call decryption. 3G added authentication of the network to the phone and a stronger cipher, but dual-mode handsets fall back to GSM whenever no 3G cell is reachable (or an attacker arranges that none is), so with the exception of decryption of the raw traffic these vulnerabilities remain a practical concern in 3G environments as well. For more technical details on GSM security, visit http://www.gsm-security.net/, or search for the topics below; there is a wealth of information available.
SIM Cloning/'Spoofing'
SIMs (the small cards holding the subscriber's identity and secret key) can be 'cloned' so that another person can impersonate you on the GSM network: receiving your calls and SMS, and even making calls billed to your account. Cloning works by extracting the card's secret key (Ki), which was practical against the original COMP128 authentication algorithm; with a copy of Ki the clone answers the network's authentication challenges exactly as your card would. On its own this is mainly a threat to whatever information reaches the clone, but it becomes a serious concern when combined with specific hardware that directs the calls or SMS onward to your phone, allowing the attacker to intercept all your communication while you are none the wiser. An operator can detect cloning (the same subscriber authenticating from two places at the same time), but this check is not typically performed.
Mobile Tower 'Spoofing'
In GSM the network authenticates the phone, but the phone never authenticates the tower, and users typically do not know which tower they are communicating with. An eavesdropper can therefore impersonate a mobile tower, forward the traffic to the real network and intercept it on the way through, again with the user none the wiser; the fake tower can even instruct the phone to use no encryption at all. This is the most common method of interception on GSM, as it requires little more than a mobile phone and a laptop with specific software (such devices are generally known as IMSI catchers). Military-grade interceptors have been available for some time.
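The one-way authentication that makes tower spoofing possible, and the 3G change that addresses it, as an added example written for this page (not code from gsm-security.net or from any network or interceptor product). HMAC-SHA256 stands in for the SIM's A3/A8 algorithm and for the Milenage functions f1/f2, whose exact definitions do not matter for the point being made; the 3G part also sends SQN unmasked for brevity (real AKA XORs it with an anonymity key). All class and function names are the example's own.

```python
import hashlib
import hmac
import os

# Illustration only: HMAC-SHA256 stands in for A3/A8 (GSM) and Milenage f1/f2 (3G).


class AuthFailure(Exception):
    pass


def sim_a3a8(ki: bytes, rand: bytes):
    """Stand-in for the SIM's A3/A8: RAND -> (SRES, Kc). Assumption: HMAC, not COMP128."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]            # 32-bit SRES, 64-bit Kc


class GsmPhone:
    """A GSM handset answers any RAND and obeys any cipher-mode command: nothing in
    the exchange lets it verify who the tower is."""

    def __init__(self, ki: bytes):
        self.ki, self.kc, self.cipher = ki, None, None

    def authentication_request(self, rand: bytes) -> bytes:
        sres, self.kc = sim_a3a8(self.ki, rand)
        return sres

    def cipher_mode_command(self, algorithm: str) -> None:
        self.cipher = algorithm                 # "A5/1", or "A5/0" meaning no encryption


def gsm_fake_tower(phone: GsmPhone) -> str:
    """An IMSI catcher: it holds no Ki and has no link to the real network, yet it can
    run the whole exchange and switch the phone to cleartext. Returns the cipher in use."""
    phone.authentication_request(os.urandom(16))   # SRES comes back; the catcher ignores it
    phone.cipher_mode_command("A5/0")
    return phone.cipher                         # "A5/0": traffic now goes in the clear


# --- 3G (UMTS AKA): the network must prove knowledge of K before the phone answers ---
SQN_LEN, AMF_LEN, MAC_LEN = 6, 2, 8


def umts_f1(k: bytes, sqn: bytes, rand: bytes, amf: bytes) -> bytes:
    """Stand-in for Milenage f1, the network-authentication MAC (assumption: HMAC)."""
    return hmac.new(k, b"f1" + sqn + rand + amf, hashlib.sha256).digest()[:MAC_LEN]


def umts_f2(k: bytes, rand: bytes) -> bytes:
    """Stand-in for Milenage f2, which produces RES (assumption: HMAC)."""
    return hmac.new(k, b"f2" + rand, hashlib.sha256).digest()[:8]


def umts_auth_vector(k: bytes, sqn: int, amf: bytes = b"\x80\x00"):
    """Home-network side: (RAND, AUTN, XRES). Simplification: SQN sent unmasked."""
    rand = os.urandom(16)
    sqn_b = sqn.to_bytes(SQN_LEN, "big")
    return rand, sqn_b + amf + umts_f1(k, sqn_b, rand, amf), umts_f2(k, rand)


class UmtsPhone:
    def __init__(self, k: bytes):
        self.k = k
        self.sqn_highest = -1                   # replay check, simplified to "strictly increasing"

    def authentication_request(self, rand: bytes, autn: bytes) -> bytes:
        sqn_b, amf, mac = autn[:SQN_LEN], autn[SQN_LEN:SQN_LEN + AMF_LEN], autn[SQN_LEN + AMF_LEN:]
        if not hmac.compare_digest(mac, umts_f1(self.k, sqn_b, rand, amf)):
            raise AuthFailure("MAC failure: the network could not prove it knows K")
        sqn = int.from_bytes(sqn_b, "big")
        if sqn <= self.sqn_highest:
            raise AuthFailure("synchronisation failure: replayed authentication vector")
        self.sqn_highest = sqn
        return umts_f2(self.k, rand)


def umts_fake_tower(phone: UmtsPhone) -> bool:
    """A fake NodeB without K cannot forge AUTN, so the phone refuses before any
    cipher-mode command can be sent. Returns True only if the attack worked."""
    try:
        phone.authentication_request(os.urandom(16), os.urandom(SQN_LEN + AMF_LEN + MAC_LEN))
        return True
    except AuthFailure:
        return False


def umts_replay_rejected(phone: UmtsPhone, k: bytes) -> bool:
    """A captured genuine vector works once and is then rejected because SQN moved on."""
    rand, autn, xres = umts_auth_vector(k, sqn=1)
    first_ok = phone.authentication_request(rand, autn) == xres
    try:
        phone.authentication_request(rand, autn)
        return False
    except AuthFailure:
        return first_ok
```

In the GSM half the fake tower never has to prove anything: it sends a RAND, collects an SRES it cannot even check, and issues a cipher-mode command for A5/0, after which the phone transmits in the clear. In the 3G half the same attacker fails at the MAC check, and a captured genuine vector fails on SQN. The caveat is that dual-mode handsets drop to GSM when no 3G cell is reachable, which is exactly what an IMSI catcher arranges, so in practice the GSM half of this example remains the relevant one.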
Call Decryption
Weaknesses in the encryption normally used in GSM (specifically A5/1, in use in virtually every country) have been known for some time, but in 2007 and 2008 methods were found that dramatically speed up the decryption process, and the designs for the equipment needed were published on the internet. For a relatively small outlay, anyone can build a system that decrypts a GSM call in less than an hour per call. A proposed 'web service' (not yet available) may allow anyone with a laptop and a specific radio device to obtain a decrypted call in under 30 seconds. This vulnerability is particularly dangerous because, unlike the two above, the attacker only listens and never transmits, so it is virtually undetectable.
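The cipher this section is about, as an added example written for this page (not code from gsm-security.net or from the decryption projects mentioned). Register widths, feedback taps, clocking bits and key-loading order follow the public description of A5/1; the known-answer values in the final function are the test vector from the 1999 Briceno/Goldberg/Wagner reference implementation. The final function also shows the known-plaintext step on which the fast attacks build. Function and class names are the example's own.

```python
# A5/1: three LFSRs of 19, 22 and 23 bits with majority clocking.
R1_MASK, R2_MASK, R3_MASK = 0x07FFFF, 0x3FFFFF, 0x7FFFFF
R1_TAPS, R2_TAPS, R3_TAPS = 0x072000, 0x300000, 0x700080   # bits 18,17,16,13 / 21,20 / 22,21,20,7
R1_MID, R2_MID, R3_MID = 0x000100, 0x000400, 0x000400       # clock-control bits 8 / 10 / 10
R1_OUT, R2_OUT, R3_OUT = 0x040000, 0x200000, 0x400000       # top bit of each register


def _parity(x: int) -> int:
    return bin(x).count("1") & 1


def _step(reg: int, mask: int, taps: int) -> int:
    """Shift one LFSR left, feeding the XOR of its tap bits back into bit 0."""
    return ((reg << 1) & mask) | _parity(reg & taps)


class A51:
    """One A5/1 session: 64-bit Kc plus a 22-bit frame number. The whole internal
    state is only 64 bits, which is what makes precomputed tables feasible."""

    def __init__(self, kc: bytes, frame: int):
        if len(kc) != 8 or not 0 <= frame < (1 << 22):
            raise ValueError("A5/1 takes an 8-byte Kc and a 22-bit frame number")
        self.r1 = self.r2 = self.r3 = 0
        for i in range(64):                     # key bits, LSB of each byte first
            self._step_all()
            self._xor_in((kc[i // 8] >> (i & 7)) & 1)
        for i in range(22):                     # then the frame number, LSB first
            self._step_all()
            self._xor_in((frame >> i) & 1)
        for _ in range(100):                    # 100 majority-clocked steps, output discarded
            self._clock()

    def _xor_in(self, bit: int) -> None:
        self.r1 ^= bit
        self.r2 ^= bit
        self.r3 ^= bit

    def _step_all(self) -> None:
        self.r1 = _step(self.r1, R1_MASK, R1_TAPS)
        self.r2 = _step(self.r2, R2_MASK, R2_TAPS)
        self.r3 = _step(self.r3, R3_MASK, R3_TAPS)

    def _clock(self) -> None:
        """Irregular clocking: a register advances only if its middle bit agrees with
        the majority of the three middle bits, so at least two registers always move."""
        b1, b2, b3 = bool(self.r1 & R1_MID), bool(self.r2 & R2_MID), bool(self.r3 & R3_MID)
        maj = (b1 + b2 + b3) >= 2
        if b1 == maj:
            self.r1 = _step(self.r1, R1_MASK, R1_TAPS)
        if b2 == maj:
            self.r2 = _step(self.r2, R2_MASK, R2_TAPS)
        if b3 == maj:
            self.r3 = _step(self.r3, R3_MASK, R3_TAPS)

    def keystream(self, nbits: int = 114) -> bytes:
        """Next nbits of keystream packed MSB-first (one GSM burst carries 114 bits)."""
        out = bytearray((nbits + 7) // 8)
        for i in range(nbits):
            self._clock()
            bit = _parity(self.r1 & R1_OUT) ^ _parity(self.r2 & R2_OUT) ^ _parity(self.r3 & R3_OUT)
            out[i // 8] |= bit << (7 - (i & 7))
        return bytes(out)


def frame_keystreams(kc: bytes, frame: int):
    """Per frame A5/1 yields 114 bits for the downlink burst, then 114 for the uplink."""
    gen = A51(kc, frame)
    return gen.keystream(114), gen.keystream(114)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream_from_known_plaintext(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """Starting point of the fast attacks: encryption is a plain XOR and GSM signalling
    contains predictable bursts, so ciphertext XOR known plaintext yields raw keystream.
    Mapping those bits back to the 64-bit state (and so to Kc) is the table-lookup step
    that the precomputation projects made fast."""
    return xor_bytes(ciphertext, known_plaintext)


def reference_check() -> bool:
    """Known-answer test from the Briceno/Goldberg/Wagner reference implementation."""
    down, up = frame_keystreams(bytes([0x12, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF]), 0x134)
    return (down == bytes.fromhex("534EAA582FE8151AB6E1855A728C00")
            and up == bytes.fromhex("24FD35A35D5FB6526D32F906DF1AC0"))
```

Because the keystream depends only on Kc and the frame number, every frame of a call is reachable once Kc is known, and Kc is fixed for the whole call; that is why recovering keystream for a single predictable burst is enough to decrypt the rest.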
Availability of Equipment
Active interceptors such as IMSI catchers (the equipment behind the first two attacks) have been available for some time from commercial companies, at a price within reach of almost any organisation (some surplus equipment can be obtained for less than the price of a second-hand car). Passive decryption equipment, being impossible to detect and therefore the most dangerous, typically costs $100K to $1M; however, the new developments described above threaten to make decryption feasible for under $10K.
The end result of these vulnerabilities is that an adversary with internet access, some time and some equipment can obtain the contents of your confidential calls and messages over GSM.
