Network Vulnerability Allows Anyone from Anywhere in the World to Eavesdrop on Your Calls and Track Location
Cellphones in general and smartphones in particular have become the treasure trove of personal information and this is increasingly attracting the hackers attention. The data in cellphone speaks so much about the individual that it can be admitted as one of the most comprehensive set of information you could probably scrape off a person. Aussie based TV program, “60 minutes”, has telecasted a special report showing how hackers were able to record a mobile phone conversation of a politician and also track his movements from a base which is situated thousands of miles away.
The loophole seems to be a SS7 flaw in the architecture of the signalling system which is devised to allow mobile phone roaming across telecom providers. SS7 signalling protocol was developed way back in 1975 and now in the current cellular setup it is used to perform transitional functions including, prepaid billing, SMS, local number portability among a host of other services.
Flags were raised in 2014 when it was reported that a protocol vulnerability of the SS7 will allow non state actors to track the movement of cellphone users from any location across the world with a success rate of 70 percent. Eavesdropping was possible by forwarding the call and enable decryption by requesting the respective carriers to release a temporary encryption key to unlock the communication. In simpler terms, the hacker forwards the call to a recording device and then re-routes the call back to the intended recipient.
The recent TV program has reopened the issue of SS7 vulnerabilities and it also points out that GPS applications like Google Maps are the sources for the location. The report further said
Verification by SMS message is useless against a determined hacker with access to the SS7 portal because they can intercept and use the SMS code before it gets to the bank customer.
The above claim by the report can give many a goosebumps, as the hackers can virtually do anything and everything you would be able to do with your phone. Folks thinking they are safe as they don’t use a smartphone are completely wrong as this can happen to anyone with an active cellular connection.
German hackers on the show demonstrated on how they could intercept a call between a reporter and an independent Australian senator Nick Xenophon, after they were given legal access* to the SS7 by the authorities.
Senator Xenophon said in a response “This is actually quite shocking because it affects everyone. It means anyone with a mobile phone can be hacked, can be bugged, can be harassed.” He further added that the implications were enormous and the intelligence services are well aware of this vulnerability.
The SS7 protocol has been under the scanner since last year and the fact that a part of SS7 system called the LIG is operated by third party in order to give access for the law enforcing authorities. This will allow anyone with access to SS7 locate the IMSI (International Mobile Subscriber’s Identity).
Adaptive mobile, the security firm researching the vulnerability said that “Security in the SS7 network has become of paramount importance for the mobile community, so knowing how these companies regard and use SS7 is essential,” he explained further, “Based on the information that has become available, it seems that there is a wider group of commercial entities selling systems that allow surveillance over SS7, and these system are for offer today.”
*We need to understand the fact that gaining SS7 access is not that easy and requires lots of efforts from the hackers end. The vulnerability can very well become a tool for Government agencies and the other corridors of power to spy on the subject of interest, thus severely questioning the degree of privacy an individual can be entitled to.