Top I.T. security experts have discovered a fatal security flaw that can allow hackers to monitor private phone calls and also read text messages even if the consumers cellular network uses the most advanced encryption methods.
Specialists within the technology field found the security flaw within the global telecoms network which is known as signal system seven. This network powers vast amounts of cellular providers, including mobile giants AT&T and Verizon.
Signaling System Number 7 is a expansive protocol system used by network providers to communicate globally when processing calls, texts and Internet data. It enables cellular networks to collate data from network masts and share it with one another. This technique enables cellular networks to pin point where the handset is being used geographically.
SSN7 is a very effective method in data sharing, however it has outdated security and is vulnerable to hackers. These vulnerabilities can expose billions of cellular users private data on a global scale.
“The flaws discovered by the German researchers are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can re-purpose for surveillance because of the lax security on the network,” the report reads.
The extensive vulnerabilities of SSN7 have not all been revealed yet, however hackers are able to intercept and then re-direct consumers calls to any desired location. They are also able to gain access to encrypted networks and record consumers phone calls and text messages, intercept the data of which then can be decrypted relatively easily at a later date.
The top cellular networks use the most advanced methods in encryption, for instance AT&T and Verizon use 3G and 4G respectively however the use of SSN7 leaves data open to a back door vulnerability for skilled hackers.The use of SSN7 protocol also makes the potential to defraud users and cellular carriers, according to the extensive research in to SSN7 techniques.
In accordance to these latest reports, it makes you question is it really safe to use your mobile phone confidently and privately?
Privacy researcher Christopher Soghoian, principal technologist for American Civil Liberties Union made this statement:
“Don’t use the telephone service provided by the phone company for voice. The voice channel they offer is not secure,” principle technologist Christopher Soghoian told Gizmodo. “If you want to make phone calls to loved ones or colleagues and you want them to be secure, use third-party tools. You can use FaceTime, which is built into any iPhone, or Signal, which you can download from the app store. These allow you to have secure communication on an insecure channel. Like the United states’ NSA and British security agency GCHQ – could be using these flaws. “Many of the big intelligence agencies probably have teams that do nothing but SS7 research and exploitation. They’ve likely sat on these things and quietly exploited them”
This just re-instates the extent of monitoring and exploitation of data is on a global scale.