{"id":84469,"date":"2018-06-17T12:18:12","date_gmt":"2018-06-17T16:18:12","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/"},"modified":"2021-06-02T15:35:17","modified_gmt":"2021-06-02T19:35:17","slug":"what-is-ss7","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/what-is-ss7\/","title":{"rendered":"What is SS7?"},"content":{"rendered":"

\"What<\/a>– Updated 10\/25\/2018 –\u00a0<\/strong>The NYT<\/a><\/em> is reporting that China and Russia are\u00a0spying on Trump<\/strong> via his unsecured iPhone<\/strong>. NYT<\/em> says that though intercepted calls, likely related to SS7 the Chinese have pieced together a list of the people with whom Mr. Trump regularly speaks in hopes of using them to influence the president, the officials said. Among those on the list are Stephen A. Schwarzman<\/strong><\/a>, the Blackstone Group\u00a0CEO, <\/span>and Steve Wynn<\/strong><\/a>, the former Las Vegas casino magnate.<\/p>\n

\"Trump<\/a>A number<\/a> of outlets<\/a> are<\/a> speculating<\/a> that the Chinese are using the known SS7 flaw<\/strong> to spy on the president’s iPhone.\u00a0 I have written about the problems with SS7 a number<\/a> of\u00a0times<\/a>\u00a0since 2016<\/a> and now the chicken has come home to roost.<\/p>\n

—<\/p>\n

Trump<\/strong> recently bragged<\/a> that he gave the North Korean dictator<\/strong> his personal cell number<\/strong>. If that is true,\u00a0he has created a major national security exposure<\/strong>.\u00a0Karsten Nohl<\/a>, chief scientist at the firm Security Research Labs<\/a>, who researches cell network attacks told Wired<\/em>,\u00a0 “Absolutely that is a problem<\/em>.” He says hackers can\u00a0abuse flaws in Signaling System 7<\/a>\u00a0to listen in on someone’s phone calls, intercept their text messages, and track their location.<\/p>\n

\"NorthIf North Korean intelligence<\/strong> isn’t already tracking Trump’s phones<\/a> through malware, a direct phone number could give them a way in. The SS7 attacks<\/strong><\/a>\u00a0can give hackers relatively easy access to calls and texts, and location data.\u00a0Wired<\/em> points out that\u00a0North Korea has proven itself as an adversary<\/strong> willing to hack and manipulate systems around the world for its financial or intelligence gain<\/strong>\u2014it was responsible both for the 2014\u00a0hack of Sony<\/a>\u00a0and 2017’s\u00a0WannaCry ransomware<\/a>\u00a0outbreak – SS7 hacking is likely no exception.<\/p>\n

The telecom industry and U.S.government have done very little to plug the SS7 hole<\/a>. Senator Ron Wyden<\/a>, a Democrat from Oregon and a senior member of the Senate Select Committee on Intelligence<\/a>, has been tracking the SS7 issue for several years. He has sent letters to FCC<\/a> Chairman Ajit Pai<\/a><\/strong>, asking for answers<\/a> on SS7 security and details about how many network providers have been breached through SS7. Mr. Wyden wrote,\u00a0\u201cI\u2019ve spent the past year fighting to reveal what a terrible job the telephone companies and FCC are doing at protecting Americans from being spied on, tracked, or scammed.”<\/em><\/p>\n

Attackers used SS7 to get customer data\"FCC<\/a><\/h3>\n

Mr. Wyden said he had been told by a big-name mobile network that malicious attackers<\/strong> are believed to have used SS7 to obtain US customer data.<\/strong> DHS<\/a> confirmed<\/a>\u00a0reports of “nefarious” types leveraging SS7 to spy on American citizens by targeting their calls, text messages, and other information.<\/p>\n

So what is SS7?<\/h3>\n

The Signaling System 7 (SS7)\u00a0network is fundamental to cellphones operations<\/strong>, but its security design relies entirely on trust<\/strong>. The protocol does not authenticate messages<\/strong>; anyone with access to SS7 can send a routing message, and the network will make it. Now as SS7 network operators are opening the SS7 network to third-party access, vulnerabilities<\/a> are being exposed and attacked<\/strong> initially by governments and now criminals.<\/p>\n

<\/p>\n

Since 1975, over 800 telecommunications companies<\/strong> around the world use SS7 to ensure their networks interoperate. SearchNetworking.com<\/em><\/a> defines the Signaling System 7 (SS7) as an international telecommunications standard<\/strong> that describes how network elements in a public switched telephone network (PSTN) exchange information over a digital signaling network.<\/p>\n

SS7 control messages<\/h3>\n

SS7 control messages contain routing, congestion, and authentication information<\/strong>.<\/p>\n