top of page

What is the SS7 protocol and what are its security implications?


The SS7 protocol has been a source of controversy lately because of its security vulnerabilities.

What is SS7, and what are the issues with it?

Signaling System 7, or SS7, connects your calls from one cell tower to another as you travel.

Your phone number is all the hackers need to record conversations and messages between you and a business partner or a legislator. If you use your phone's map to help you reach your destination, the hackers can track your movements from one place to another. Phone numbers are available on social media or can be collected through airwaves via radio antennas.

There are no rules mandating that the Federal Communications Commission (FCC) address flaws in wireless communication systems.

The SS7 protocol lets you make calls outside of your home service -- within or outside the United States' borders. Unknown too many cellphone users, vulnerabilities lurk in the SS7 protocol. Hackers can send commands to SS7 to hijack's a cellphone's forwarding function and redirect calls to themselves for listening or recording. These calls are then quickly forwarded to the intended recipient of your call. Using malicious tools, hackers can also intercept your emails and get the cellphone's camera to spy on you.

Recognizing major flaws in cellular networks in the United States, Sen. Ron Wyden (D-Ore.) and Rep. Ted Lieu (D-Calif.) together wrote a letter to FCC head Ajit Pai on known security issues in modern communications, including the SS7 protocol. They asked the FCC to force cellular companies to address these vulnerabilities, warn the American people on ways foreign governments can hack their mobile data and promote the use of end-to-end encryption apps.

However, the chairman responded that cybersecurity is not the FCC's problem. Sen. Wyden has been persistent on mandating cybersecurity practices to protect Senate email and digital networks.

To make matters more urgent, hackers recently used this vulnerability in the SS7 protocol to hack into the accounts of banking customers in Germany.

It's unclear what action the federal government will take regarding SS7.

Thanks to Judith Myerson for contributing to this article. Judith is a security expert who writes for TechTarget. She reports on tech news in the IT/infosec world, covering today's most relevant topics.

Learn More

Discovernet has been selected as one of Canada's Top 50 Best Managed IT companies for 2017. To learn more about how we can help create a solution tailored for your unique business needs, visit http://discovernet.ca

Or contact us at http://discovernet.ca/contact-us/ or call 905-814-8383.


Bob Seccaspina

 

Bob has had 25 years of Sales, Marketing and Management experience in  the IT field.  He has been responsible for revenue growth and gaining market share by executing brand strategies, and building organization capabilities through direct and channel teams.

 

Bob has built high-performance teams through hands-on, active coaching and through identifying and attracting and retaining high-performing human resources.

 

He has worked with CEO’s, CIO’s, and senior business executives to help deliver on growth and cost efficiencies.  He has created initiatives through strategies that capitalized on market trends, leading to exponential organizational growth.

Other Posts
More IT on the web

 

IT Force

 

Follow Me
  • IT-Force-Logo_edited
  • LinkedIn Social Icon
  • Facebook Basic Black
  • Twitter Basic Black
  • YouTube Basic Black
Search By Tags

© 2017 Sales and Technology. 

  • IT-Force-Logo_edited
  • LinkedIn Social Icon
  • Facebook Basic Black
  • Twitter Basic Black
  • YouTube Basic Black
bottom of page