Global mobile networks are wide open to being hijacked for large-scale surveillance, thanks to flaws in the SS7 network signaling system.
That’s the word from Adaptive Mobile, which said that mobile networks in every territory that it looked at have already been penetrated by criminals and governments.
"There's varying rates of activity in every operator we have worked with," Cathal McDaid, head of Adaptive Mobile's threat intelligence unit, told the BBC. "They are all being hit by this to one extent or another."
He added, “We’ve found that this is not just theoretical, this activity is ongoing.”
By exploiting the bugs, cyber-thieves have been able to manipulate billing systems to get free or cheap calls and roaming, or tap into calls and messages. Governments have also been found to be abusing the vulnerabilities to carry out surveillance of targets in other nations.
The BBC reported, for instance, that the flaws were used to redirect sensitive conversations among people on the MTS Ukraine network to a Russian mobile operator, presumably for monitoring purposes.
Communications networks use SS7 signaling to “guide” phone calls to where they need to go across disparate mobile networks. It’s a non-IP-based standard, first developed in 1975, that is used for voice calls and SMS communications. It’s therefore an aging, and almost ubiquitous, presence in networks, including many 4G networks.
“[It’s] a huge pervasive network that spans the world,” said McDaid. “More people use it on a daily basis than use the internet.”
The SS7 vulnerabilities are just another example of software-based systems that weren’t built for the rich interconnectivity and threats of the modern mobile infrastructure.
“Development teams need to go into projects with the expectations that what they’re creating will live in a hostile environment where attackers will look to exploit vulnerabilities,” said Chris Wysopal, CISO and CTO at Veracode, via email. “We’ve seen this across every industry and it’s no surprise it’s occurring in the telco industry. A core protocol like SS7 provides governments and rogue actors wide access to the world’s communications infrastructure, making it an incredibly attractive system to break into. Until software developers change their approach and build security into their code from the start, we’re going to continue to see these problems.”