Governments Criminals Use DecadesOld Networking Protocol to Spy

first_img Donald Trump Demands ‘6G’ Rollout ‘As Soon as Possible’China Preps 5G Coverage For World’s Longest Sea Bridge A decades-old networking protocol used by global mobile providers may have put U.S. phone users at risk.Federal officials acknowledged the vulnerability in a previously undisclosed letter from the Department of Homeland Security to Sen. Ron Wyden (D-Ore.), obtained by The Washington Post.Dated May 22, the memo describes Signalling System No. 7 (SS7), a set of protocols developed in 1975 that allows cellular customers to move between networks as they travel.AdChoices广告More than 40 years old, the program features little security, according to the Post, which warned of spying by foreign intelligence agencies and criminals.“I don’t think most Americans realize how insecure U.S. telephone networks are,” Wyden said in a statement, published by the paper. “If more consumers knew how easy it is for bad guys to track or hack their mobile phones, they would demand the FCC, and wireless companies do something about it. These aren’t just hypotheticals.” Stay on targetcenter_img The @FCC can & should conduct an independent assessment of the security of U.S. phone networks, identity which networks are lagging behind, & then force those companies to up their security.— Ron Wyden (@RonWyden) May 30, 2018In a separate letter addressed to Federal Communications Commission Chairman Ajit Pai, Wyden revealed that a major American wireless carrier suffered an SS7 breach, in which consumer data was accessed.“Although the security failures of SS7 have long been known to the FCC, the agency has failed to address this ongoing threat to national security,” he wrote.The FCC declined to comment beyond saying that it “received and [is] reviewing” the letter.Initially created as a way for telecom companies to exchange information as they routed calls, Signalling System 7 now performs number translation, local number portability, prepaid billing, SMS, and other mass market services for various firms.Anyone with a modicum of tech savvy could hack their way into the network and pretend to be a carrier requesting customer information.SS7 tracking systems around the world create millions of “malicious queries”—messages seeking unauthorized access to data—each month, the Post reported. The most advanced operations can monitor dozens of people for hours at a time, sending alerts if they get close to specific areas or each other.“The FCC must now take swift action,” Wyden wrote, “using its regulatory authority over the wireless carriers, to address the market failure that has enabled the industry to ignore this and other serious cybersecurity issues for decades.”He requested a response from Pai by July 9.Let us know what you like about Geek by taking our survey.last_img read more