German security researchers are to report on flaws in the Signalling System No. 7 (SS7) mobile network which make it possible to capture the contents of text messages, calls and mobile data even while the system is encrypted.
First standardised by the ITU-T in the 1980 Yellow Book and known in the UK as C7, SS7 is the standard signalling protocol for telephony world-wide. It controls the routing of calls and data, regardless of the tranmission technology - 2G, 3G, 4G and so forth - used to make said calls. Flaws in SS7, then, are serious business - and a group of researchers is to make public their findings on what are claimed to be serious security vulnerabilities in the system which make mass data capture a breeze.
According to a write-up by the Washington Post
, researchers from Sternraute and Security Research Labs have independently discovered security vulnerabilities in SS7 which allow for calls and data to be captured from anywhere in the world - even when the connection is encrypted, using a feature of SS7 which allows for the disclosure of a temporary decryption key which can be applied to the captured encrypted data, although this requires physical proximity to the target.
The claims come after the Washinton Post published evidence that governments world-wide were using known flaws in SS7 to track the physical locations of targets. The flaws discovered by the researchers are, however, thought to be novel and not related to the government-sanctioned spying systems uncovered by the paper. The researchers claim to have tested their findings on more than 20 mobile networks world-wide, and have reported their attacks working on every one.
So far, no mobile networks or standards bodies have responded to the findings, beyond a statement from T-Mobile which claimed the company 'remains vigilant in our work with other mobile operators, vendors and standards bodies to promote measures that can detect and prevent these attacks.
' The findings are to be publicised at a conference in Hamburg later this month.