German researches have uncovered a network privacy flaw in the mobile phone network used by almost every carrier on the planet that will let hackers intercept calls and text messages even on an encrypted line. The flaw was found on “SS7” the global network the world’s networks use to route calls to one another. SS7 was designed in the 80’s and is being proven to have holes and flaws that will threaten the privacy on a world-wide level.
“It’s like you secure the front door of the house, but the back door is wide open,” said Tobias Engel, one of the German researchers.
“Many of the big intelligence agencies probably have teams that do nothing but SS7 research and exploitation,” said Christopher Soghoian, principal technologist for the ACLU and an expert on surveillance technology. “They’ve likely sat on these things and quietly exploited them.”
Most wireless carriers have worked hard to make their systems secure for their customers but they still need to use SS7 to communicate between them. This is where they become vulnerable even with their own encryption and security measures in place. The researchers found two ways hackers could exploit SS7 and eavesdrop on calls being routed through it. First by hijacking a phone’s forwarding function when it gains access to SS7. Hackers can then redirect the call to themselves and conveniently listen in. The second method requires proximity to the target using antennas and intercepting mobile signals, this method is deployable on a large scale.
“It’s all automated, at the push of a button,” Nohl said. “It would strike me as a perfect spying capability, to record and decrypt pretty much any network. … Any network we have tested, it works.”
Those tests have included more than 20 networks worldwide, including T-Mobile in the United States. The other major US carriers have not been tested, though Nohl and Engel said it’s likely at least some of them have similar vulnerabilities. (Several smartphone-based text messaging systems, such as Apple’s iMessage and Whatsapp, use end-to-end encryption methods that sidestep traditional mobile text systems and likely would defeat the technique described by Nohl and Engel.)
In a statement, T-Mobile said: “T-Mobile remains vigilant in our work with other mobile operators, vendors and standards bodies to promote measures that can detect and prevent these attacks.”
Hit the source link below for a comprehensive write up over at the Sydney Morning Herald.Source: Sydney Morning Herald