Posted Thursday, May 12th, 2016 by Babak Saadatmandi
“I bumped into you in the hallway – I don’t know if you noticed that…? In that time, I pushed a credential across to your phone – which means my bluetooth is now trusted by your phone…”
…the All Stars of DefCon – the conference of 20,000 hackers who meet each year to trade secrets – have been showing CBS, and the public, what they can do. And not just from bumping into people – but hacking subscribers from anywhere, globally:
Approx 90% of subscribers are on SS7 – 10% on LTE. It’ll be years until those percentages are reversed. SS7 is wide open to attack. Fraudsters are adding new weapons to their arsenal. And the media is now educating the public about the risks.
“Mobile networks are the only place in which this problem can be solved. There is no global policing of SS7. Each mobile network has to move to protect their customers on their networks.”
The CTIA state that all U.S. networks are secure. But a recent 60 Minutes Documentary is making very clear to subscribers, business leaders, politicians, that this isn’t the case: Nohl’s team were able to listen in on a congressman’s calls.
Here’s the recent CBS documentary – it aired in the U.S. and is piquing quite a bit of interest worldwide:
John Hering, founder at Lookout believes there are only two types of companies or individuals: those that have been hacked and realise it; and those that have been hacked and don’t realise it.
And in another 60 Minutes documentary on Australian TV, Senator Nick Xenophon stated:
“This is the end of anyone’s privacy as we know it.
“This is not about spies and terrorists and polys (politicians) – this is about every Australian because they are vulnerable because their phones can be hacked.
“If you’re involved in sensitive commercial negotiations where the other company can do you over by virtue of hacking…
“If you have an ex-partner who’s being vindictive and can try to embarrass you and humiliate you …no-one is safe.
“It’s rampant and it’s getting worse.”
These vulnerabilities in SS7 were previously reported by Tobias Engel and Karsten Nohl at Hacker conference Chaos Communication Congress 31C3:
And by the Washington Post.
Cellusys are technology leaders, at the forefront in the drive to secure mobile communications worldwide. Let’s take a look at the solutions: