Cybercriminals could access calls and texts using just your phone number
Your phone number holds the key that could give cybercriminals access to your location, phone calls and texts, according to a new report by CBS 60 Minutes.
The security flaw was demonstrated on – and with the permission of – US congressman Ted Lieu, who was given a new phone in California and was able to be tracked from Berlin by security researcher Karsten Nohl.
As noted by the Guardian, the hack was first demonstrated by Nohl in 2014 at a security conference in Hamburg, but is still possible more than a year later.
The hack is based around the network interchange service called Signalling System No. 7 (SS7), which operates in the background connecting one network or caller to another. The system is responsible for things like number translation, SMS transfer and billing.
Using the congressman’s phone number, researchers demonstrated how they could exploit a flaw in SS7 and effectively gain access to almost everything on the device.
The demonstration showed how attackers can track location based on mobile phone mast triangulation, while they can also read text messages and record or listen to phone calls.
Worryingly for consumers, the attack happens at network level, meaning it doesn’t matter which phone they are using and there’s little they can do to protect against such attacks.
Mr Nohl said: “The mobile network is independent from the little GPS chip in your phone, it knows where you are.
“So any choices that a congressman could have made, choosing a phone, choosing a pin number, installing or not installing certain apps, have no influence over what we are showing because this is targeting the mobile network. That, of course, is not controlled by any one customer.”
The security expert described the SS7 flaw as a “significant risk” mostly to political leaders and business executives whose private communications could be of high value to cybercriminals.
The revelations are likely to bring SS7 under increased scrutiny.
“It’s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers,” said the Washington Post earlier this year.