Security flaws discovered by German researchers could allow hackers to listen in on private phone calls and intercept text messages en masse, the Washington Post reports.
The weaknesses in the global cellular network are to be reported at a hacker conference in Hamburg this month, by Tobias Engel, founder of Sternraute, and Karsten Nohl, chief scientist for Security Research Labs.
The Post reports that these experts believe that SS7, the global network that allows cellular carriers worldwide to route calls and messages to each other, have “serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers.” Researchers in Germany have discovered that hackers with an in-depth knowledge of SS7’s different features would be able to exploit certain functions to listen to private calls and intercept text messages.
One way that hackers could intercept calls would be to exploit cellular carriers forwarding function — which allows a user to have his calls directed to another number — by redirecting “calls to themselves, for listening or recording, and then onward to the intended recipient of a call. Once that system was in place, the hackers could eavesdrop on all incoming and outgoing calls indefinitely, from anywhere in the world.”
Despite mobile carriers working to secure data, the Post reports that the weaknesses in SS7 have left millions vulnerable:
It’s unclear how much, if any, data has been intercepted due to these vulnerabilities, but as Engel told the Post, “I doubt we are the first ones in the world who realize how open the SS7 network is.”