Thursday 18 May 2017

SS7 Vulnerabilities

SS7 – Network of Telephony Signalling Procedures

Signalling System No. 7 – SS7 network is a set of telephony signalling procedures which had been invented in 1975. It has been utilised to set up and slash down several of the public switched telephone network PSTN telephone calls of the world.

Besides this it also tends to perform number translation, local number portability, prepaid billing, Short Message Service – SMS together with other mass market services. The SS7 networks is said to form one of the supports of the prevailing effective telecommunication industry.

In spite of all its importance of enabling telecommunication services, SS7 tends to integrates only nominal safety features. However since SS7 had been introduced in the past 35 years the telecommunication marketplace had altered radically and SS7 susceptibilities have now become more unprotected.

 Over the past few months, invaders have been utilising a flaw in Signalling System 7 in order to intercept two factor authentication codes which have been sent to online banking customer in an attempt to transfer funds. Suddeutsche Seitung, a German newspaper had reported that the invaders first tend to compromise the bank account of the customer utilising traditional bank fraud Trojans to steal passwords and log into accounts.

Mobile Transaction Authentication Numbers 


They learned that the offenders carried out an attack from a network of foreign mobile network operator in mid-January wherein the attack redirected incoming SMS messages for selected German customers to the attackers Thereafter they utilised the SS7 susceptibility in order to redirect text messages comprising of one-time passwords to the device of the attacker instead of the customers.

Then they utilise mobile transaction authentication numbers - mTANs for the purpose of transferring money from the targeted accounts. The SS7 susceptibility is not new but had been discovered in 2014 by German researchers and reported by The Washington Post. The detection of the abuse of the SS7 vulnerability followed an open letter two U.S. congressmen had written to U.S.

Homeland Security Secretary John Kelly requesting for an update on the progress in dealing with SS7 security errors and why the agency had not been doing more regarding the same. Rep. Ted Lieu – D-Caliphs, one of the authors of the letter had a personal experience with the SS7 susceptibility.

Congressional Action 


The security researchers with the permission of Lieu were capable of stalking the congressman using only his cell phone number and an SS7 network. The researchers were capable of recording his phone calls as well as monitor his precise location in real time. The exploit of the cell phone of Lieu was featured on the television show 60 Minutes.

 In April 2016, following its airing, the FCC had stated an investigation in the SS7 vulnerability and a report from FCC was anticipated in March 2016 which is yet to appear. Lieu had issued a statement calling for congressional action on the matter in reply to the draining of bank accounts utilising the same SS7 weakness.

Lieu had mentioned that everyone’s account protected by text-based two factor authentication like bank accounts, were possibly in danger till the FCC together with the telecom industry tend to fix the SS7 security flaw.

The FCC together with the telecom industry is aware that hackers can acquire our text messages and phone conversations just by knowing our cell phone number. It is improper that the FCC and the telecom industry have not taken immediate action in the protection of our privacy and financial security.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.