SS7 or Signaling System Number 7: Billions of mobile phone users are at risk due to a vulnerability in the global network's SS7 protocol, which allows hackers and our now-famous spies (see NSA) to track locations and intercept all voice calls from anywhere in the world.
Of course we already know from his reports Snowden that the US National Security Agency (NSA) has the potential to collect nearly 5 billion records per day of cell phone locations around the world. But, the new news makes things much worse.
The famous Australian Ross Coulthart in his TV program "60 Minutes" he proved that it is possible for anyone to track the location of a mobile phone and to intercept calls and text messages.
This time, it's not due to a security vulnerability in the phone's operating system, but to a serious flaw in the system itself that our mobile phones use to communicate with each other around the world. The global signaling system, called SS7.
SS7 or Signaling System Number 7 is a suite of protocols used by most telecommunications carriers around the world to communicate with each other when routing calls, texts and data on the Internet.
SS7 allows cell phone companies to collect information about the location of telephones from cellular antennas and share the data with others. This means that a US company will find its customer, no matter if he or she travels to any other country.
Successful exploitation of the bug in SS7 could allow attackers to hear all your voice calls as well as track your exact GPS position.
This technique is commonly known as the "Man-in-the-middle" (MITM) attack where hackers steal data from the Internet without obstructing their way to the recipient.
In addition to tracking the location and calls of mobile phone users, vulnerability also allows hackers to intercept SMS verification used for banking applications.
In the 60 Show Minutes the presenter shows how a German hacker from Berlin records the conversation of the presenter's mobile phone in London with the Australian senator Nick Xenophon (Of Greek origin obviously). They were also able to geo-watch the senator when he traveled to Japan for business purposes, mapping his movements around Tokyo and Narita from the mobile phone antennas (a few hundred meters away) as well as around the streets of the South Australia when he returned to Australia.
His movements were watched by Germany, which is located thousands kilometers far away.
Because the SS7 network is used around the world, vulnerability puts billions of mobile phone users at risk.
Unfortunately, there is no solution yet, so that the cracks in protocol SS7 will still be present even if your carrier upgrades your phone to more advanced technology.
