Congress Calls for Investigation into Vulnerabilities in SS7 Telephony Signaling Protocol

Sharyn Alfonsi, a CBS reporter, and German PC-hacker Karsten Nohl who's also a Chaos Computer Club member recently conducted one experiment to demonstrate how easy it's abusing design vulnerabilities within the telephony signaling framework, Signaling System 7 so that users can be tracked wherever they are, as well as even be spied upon when they're engaged in conversations.

For showing that their point stands correct, Mrs. Alfonsi selected Ted Lieu an U.S Representative whom she convinced for utilizing one fresh iPhone while holding tele-cons with his staff.

Everybody knows that SS7, a vital protocol assortment describing data, messages and phone-calls as network-routed, contains vulnerability. Fortunately, one latest report from '60 Minutes' tells that one-or-more Congress members were sufficiently spooked so they may take action on it. Accordingly, as per The Daily Dot, Mr. Lieu has asked for one thorough probe into the vulnerability which prompted one renowned security researcher to spy on Rep. Ted Lieu's activities via Los Angeles as well as tap on his phone calls devoid of him knowing about it.

Mr. Nohl's knowledge of the phone numbers only of Mr. Lieu helped him along with his researchers' group at Security Research Lab to mark Mr. Lieu's location wherever he moved to with his phone, as also tap the conversations between him and his employees.

Notably, after 60 Minutes' item got broadcasted on 17th, Mr. Lieu called the next day to conduct the probe into the widely prevalent vulnerabilities in SS7 impacting mobile-networks in USA, as well as international telephony arrangements. Softpedia.com posted this, April 18, 2016.

A worldwide telecommunications backbone, SS7 has mobile-networks dependent upon it, while it interprets phone numbers for network to network so that text calls and callers' real voices can be routed, billing information handled as also metadata relayed.

Meanwhile, as SS7 plays a central role and contains flaw existing since H2-2014, attackers can acquire admission into the backend of a mobile-network thus allowing them to trace everything regarding the mobile operator's subscribers.

The SS7 system generally is same in all countries, therefore according to Mr. Nohl, the above kind of assaults are expected to work anywhere on earth.

» SPAMfighter News - 4/25/2016