- cross-posted to:
- pulse_of_truth@infosec.pub
- cross-posted to:
- pulse_of_truth@infosec.pub
Summary
The Department of Homeland Security (DHS) has identified China, Russia, Iran, and Israel as the primary countries exploiting vulnerabilities in SS7, a telecom protocol, to spy on individuals in the U.S.
This includes tracking locations and intercepting calls and messages.
Newly released information, revealed by Senator Ron Wyden, links these attacks to foreign nations and builds on prior reports of SS7 exploitation.
A 2017 DHS presentation highlighted these risks, showing persistent concerns over SS7’s security flaws.
The disclosure underscores ongoing surveillance threats targeting U.S. telecommunications networks.
SS7 is a signaling protocol. It does specific things between exchanges. For example, you make a long distance call…before you input the last four numbers, SS7 has signaled the end office that a call is to be setup. As the last four numbers are dialed, the connection is interrogated and if free completes the connection, hello. But if it’s busy, SS7 signals back to your office to activate its tone generator to produce a busy signal. Magic. Very little resources are used. Knew a guy who was very good in SS7 and he claimed he could do some shit.
I took a networking course and the teacher did 2 weeks in telephone protocols all the way from Morse code. Ss7 is magic.
That’s all well and good, but doesn’t address the point of the post in that it’s apparently insecure AF.
Hmmmmm. The first thing to remember is the only thing SS7 does is signal. No call processing. Also, the network control of SS7 is isolated, with only links to the processor (STP) being the exchanges themselves. You can simulate SS7 to the exchange which will cause a call setup to the exchange. But, that is a hack into the local exchange and not really SS7. Anyway, it would seem to me to be more work than worth.