Researchers have found a security hole in a system used by global cellphone carriers that can open the door for hackers to eavesdrop on private phone calls, text messages and data traffic on a large scale.
The security flaws discovered by the Berlin-based Security Research Labs could affect a telecommunications standard known as Signaling System 7, or SS7, which is used by cell phone carriers to manage connections between cellular networks.
The flaws include functions that are built into SS7 such as keeping calls connected as users speed down highways as well as switching between cell towers.
The German researchers said a skilled person could use the shortcomings for surveillance of mobile phone traffic.
“Given how valuable such spying capabilities are to states and other criminal actors, I would be very surprised if we are first to find these hacking vectors,” company researcher Karsten Nohl said Friday.
Nohl further said cellphone companies were quietly informed of the problematic issue earlier this month.
Two German mobile firms, T-Mobile and Vodafone Deutschland, have said they have adopted measures to prevent hackers and spies from exploiting the deficiency.
Nohl also said cell phone carriers could easily fix the issue by blocking certain network requests submitted over SS7 by other companies, adding, “We were really surprised that most of them don’t do that.”
The details of the problem are slated to be presented at a computer security conference in Hamburg, Germany, next week.
- Graham: "I Wonder If My Meetings Are Being Surveilled by the Intelligence Community"
- NSA Documents Prove Surveillance of Donald Trump & His Family
- "Jihad Will Soon Begin in Europe" Turkish Foreign Minister
- Turkey Threatens to Open Border with Europe to New Flood of Asian Migrants
- Germany's AfD pledges to deport at least 200,000 Muslim migrants per Year