In a recent CBS 60 minutes episode it was unveiled how the cell phone number of “Ted Lieu” Democratic member of the US House of Representatives, was used to spy on his location, calls and texts. The attack was conducted by targeting interchange service “Signalling System No. 7“, widely known as C7 in the UK and CCSS7 in the United States. The service acted as a broker between mobile networks giving access to practically any phone number on these networks.
The CCSS7 handles details which includes number translation, SMS conversation, billing information and various back-end duties that are performed to connect different subscribers. CCSS7 is extensively used by phone carriers to share information of billions of customer on a daily basis.
The Flaw in Mobile Networks
The flaw in the SS7 network protocol is not a recent discovery. “Karsten Nohl” German security researcher demonstrated this flaw back in 2014 at a Hacker Convention in Hamburg. Now, Nohl has proved on CBS 60 Minutes by providing a brand new phone to US Congressman Ted Lieu in California, while hacking it from his base in Germany.
During the snooping attack Nohl figured out Lieu’s movement within Los Angeles. Moreover, he read Lieu’s messages and recorded private calls with his official staff. The flaw in SS7 protocol was also pointed out by researcher Tobias Engel during the 2014 Chaos Communication Congress presentation “SS7 Located Track Manipulate“.
Overview of SS7 Exploit
Following are the key aspects of the SS7 vulnerability that users must know:
- By compromising the SS7 network a hacker can gain access to any person’s location by means of mobile phone mast triangulation.
- A hacker can gain access to exchanged text messages, call & message logs, record calls and listen into calls by using the phone number as an identifier.
- There’s little a person can do to safeguard against a SS7 attack, as the hack is solely conducted on the network end.
- Changing a phone, Installing pin numbers and security applications doesn’t protect subscribers from SS7 attacks.
What to Expect For Future
Hackers and data privacy experts have proven that SS7 is impossible to counter without state’s cooperation and initiative. Yet, it’s hard to say that the threat will be fixed in the immediate future as different law enforcement agencies and security services use the vulnerability for mass surveillance purpose and the 911 Emergency Response System.
Rep. Ted Lieu calls on Congress to investigate SS7 exploit – AppAdvice https://t.co/lAiAs1NKt3
— Technology highs (@Technologyhighs) April 18, 2016
You can read more on Cell-tower Triangulation Here