Congressman Wants Longstanding Mobile Security Flaw Investigated

When it comes to our technology, we like to think there might be a hint of privacy in their use. Signaling System 7 is a set of protocols used to help route data, messages, and even phone calls through mobile networks but the problem is that such a widely used system is actually flawed. This flaw led to Ted Lieu, a congressman for  the state of California, calling for an investigation into the longstanding mobile security flaw after it was demonstrated to him by a group of hackers based in Germany.

The mobile security flaw was demonstrated on 60 minutes by german security researcher Karsten Nohl, with it initially being revealed all the way back in 2014. Nohl managed to use the exploit after knowing nothing more than just the congressman’s phone number. With just their number Nohl stated that they could track people’s locations, read their texts and even what was said in their phone calls.

Lieu is coming hard at those who might have known about this issue, saying that any government employee that knew about the SS7 problem should be fired because “this affects so much of daily life to your personal phone”. With everyone using their mobile phones people don’t protect them, often being lulled into a false sense of security and risking their personal lives and data on a daily basis.

Mobile Network Vulnerability Means Hackers Could Listen in to Calls

A vulnerability in mobile networks has been discovered that allows hackers to monitor phone calls and track user locations. The weakness, part of the SS7 global mobile network, has been around for a long time, built in as part of a function that keeps calls connected when a phone is on the move, switching between different mobile towers, and researchers don’t know how much it has been exploited.

SS7 was built into mobile networks as a key component during the Eighties, so no amount of security updates or encryptions can remove it, and since the weakness exists worldwide, hackers don’t need to be near a mobile phone to be able crack into it.

“I doubt we are the first ones in the world who realize how open the SS7 network is,” said Tobias Engel, a German researcher who helped find the vulnerability.

A hacking conference in Hamburg will openly discuss the flaw later in December. As long as SS7 remains in use, security experts recommend no sharing any private or sensitive information over a mobile voice call.

Source: The Independent