German researchers have discovered security flaws that could enable hackers, spies, and criminals to listen to private phone calls and intercept text messages. This revelation is just the most recent indication of widespread insecurity on the SS7 network. The flaws are actually functions built into SS7 for other purposes that hackers can repurpose for surveillance because of the lax security on the network.
Although researchers did not find evidence that their latest discoveries have been marketed to governments on a widespread basis, vulnerabilities publicly reported by security researchers often turn out to be tools long used by secretive intelligence services, such as the U.S. National Security Agency or Britain's GCHQ, but not revealed to the public.
The researchers found two distinct ways to eavesdrop on calls using SS7 technology. In the first, commands sent over SS7 could be used to hijack a cellphone's forwarding function. In the second technique, hackers would use radio antennas to collect all the calls and texts passing through the airwaves in an area.
The researchers also discovered new ways to track the locations of cellphone users through SS7. In addition, they found it was possible to use SS7 to learn the phone numbers of people whose cellular signals are collected using surveillance devices.
From The Washington Post
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found