Industry News

Any phone can get hacked via a global cellular network vulnerability

iPhone 6. Photo credits: Wikipedia

A vulnerability in the Signaling System Seven (SS7) has been recently exploited to track location, snoop on messages and phone calls on any type of smartphone, researchers found.

Karsten Nohl, a German hacker, demonstrated how, by leveraging the flaw, he was able to track all this personal information from an iPhone owned by US Congressman Ted Lieu.

First, it’s really creepy, and second, it makes me angry,” the Congressman said in a TV show.

The problem resides in SS7 or Signalling System Number 7 – a telephony signaling protocol used by more than 800 telecommunication operators around the world to exchange information with one another, cross-carrier billing, enabling roaming, and other features.

If one of the telecom operators is hacked, everyone is exposed and a large scale of information, including voice calls, text messages, billing information, relaying metadata and subscriber data, is open to interception.

Also, the vulnerability affects all phones, whether they’re running iOS or Android. Reportedly, the designing flaws in SS7 have been in circulation since 2014.

The people who knew about this flaw [or flaws] should be fired,” Lieu added. “You can’t have 300-some Million Americans – and really, right, the global citizenry – be at risk of having their phone conversations intercepted with a known flaw, simply because some intelligence agencies might get some data.”

The best way users can protect conversations and mobile data is to encrypt it before it leaves the smartphone.

About the author

Alexandra GHEORGHE

Alexandra started writing about IT at the dawn of the decade - when an iPad was an eye-injury patch, we were minus Google+ and we all had Jobs. She has since wielded her background in PR and marketing communications to translate binary code to colorful stories that have been known to wear out readers' mouse scrolls. Alexandra is also a social media enthusiast who 'likes' only what she likes and LOLs only when she laughs out loud.

1 Comment

Click here to post a comment
  • The main problem with this flaw is that even if your mobile carrier has already patched the flaw, the connecting carrier may not which leaves communication open to exposure. This is exactly why I'm such a big advocate of using apps with end to end encryption built in. Any data in transit that isn't encrypted runs the risk of being snooped on.