Yes, you heard it right. It’s the dirty truth that’s featuring what is being called the largest privacy breach ever.
Billions of cell phone users are at risk of a vulnerability in the SS7 inter-carrier network that allows hackers and spies agencies to track locations and intercept all voice calls from anywhere in the world.
This is something we already know from the last year’s Snowden leaks that explained the National Security Agency (NSA) capabilities to gather nearly 5 Billion records a day on mobile phone locations around the world.
But, it’s worse than we have thought.
The famous Australian TV programme “60 Minutes” demonstrated that it is possible for anyone to track cell phone location and intercept calls and text messages.
This time, not due to a security vulnerability in the phone’s operating system, but due to a serious flaw in the very system our cell phones use to communicate with each other around the world – The global signaling system, called SS7.
What went Wrong?
Hackers take advantage of the SS7, which is unfortunately vulnerable.
SS7 or Signaling System Number 7 is a protocol suite used by most telecommunications operators throughout the world to communicate with one another when directing calls, texts and Internet data.
SS7 allows cell phone carriers to collect location information from cell phone towers and share it with each other. This means a United States carrier will find its customer, no matter if he or she travels to any other country.
Location Tracking, Calls Listening, Messages Intercepting using SS7
Successful exploitation of the bug in SS7 could let attackers listen to all your voice calls as well as track your exact GPS location.
This technique is commonly known as a “Man-in-the-Middle“ (MitM) attack, where hackers intercept online traffic and then forward it back to the recipient.
Besides tracking cell phone user and intercepting their calls, this critical flaw also allowed hackers to intercept SMS verification used with banking applications.
Showing in a special report, 60 Minutes shows how German hackers intercepted and recorded a mobile phone conversation of a politician, as well as tracked his movements from Germany, which is situated thousands of miles away.
Since the SS7 network is used worldwide, the vulnerability in it puts Billions of cell phone users in danger.
Unfortunately, there isn’t a fix yet, so the flaws in SS7 protocol will continue to be present even if your telephone carriers upgrade to more advanced technology.