Flaws found in global cell network means spies can hack your phone
Security flaws discovered by German researchers could allow hackers to listen in on private phone calls and intercept text messages en masse, the Washington Post reports.
The weaknesses in the global cellular network are to be reported at a hacker conference in Hamburg this month, by Tobias Engel, founder of Sternraute, and Karsten Nohl, chief scientist for Security Research Labs.
The Post reports that these experts believe that SS7, the global network that allows cellular carriers worldwide to route calls and messages to each other, have “serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers.” Researchers in Germany have discovered that hackers with an in-depth knowledge of SS7’s different features would be able to exploit certain functions to listen to private calls and intercept text messages.
One way that hackers could intercept calls would be to exploit cellular carriers forwarding function — which allows a user to have his calls directed to another number — by redirecting “calls to themselves, for listening or recording, and then onward to the intended recipient of a call. Once that system was in place, the hackers could eavesdrop on all incoming and outgoing calls indefinitely, from anywhere in the world.”
Despite mobile carriers working to secure data, the Post reports that the weaknesses in SS7 have left millions vulnerable:
These vulnerabilities continue to exist even as cellular carriers invest billions of dollars to upgrade to advanced 3G technology aimed, in part, at securing communications against unauthorized eavesdropping. But even as individual carriers harden their systems, they still must communicate with each other over SS7, leaving them open to any of thousands of companies worldwide with access to the network. That means that a single carrier in Congo or Kazakhstan, for example, could be used to hack into cellular networks in the United States, Europe or anywhere else.
It’s unclear how much, if any, data has been intercepted due to these vulnerabilities, but as Engel told the Post, “I doubt we are the first ones in the world who realize how open the SS7 network is.”