Telecom Lobbyists Downplayed 'Theoretical' Security Flaws in Mobile Data Backbone

An anonymous reader shares a report: According to a confidential document obtained by Motherboard, wireless communications lobby group CTIA took issue with an in-depth report by the Department of Homeland Security on mobile device security, including flaws with the SS7 network. In a white paper sent to members of Congress and the Department of Homeland Security, CTIA, a telecom lobbying group that represents Verizon, AT&T, and other wireless carriers, argued that "Congress and the Administration should reject the [DHS] Report's call for greater regulation" while downplaying "theoretical" security vulnerabilities in a mobile data network that hackers may be able to use to monitor phones across the globe, according to the confidential document obtained by Motherboard. However, experts strongly disagree about the threat these vulnerabilities pose, saying the flaws should be taken seriously before criminals exploit them. SS7, a network and protocol often used to route messages when a user is roaming outside their provider's coverage, is exploited by criminals and surveillance companies to track targets, intercept phone calls or sweep up text messages. In some cases, criminals have used SS7 attacks to obtain bank account two-factor authentication tokens, and last year, California Rep. Ted Lieu said that, for hackers, "the applications for this vulnerability are seemingly limitless."

The risks are to their customers, not them

So why spend a cent to fix the issue. The free market is the best! It fixes everything. I'll just go to the carrier who fixes it. Oh wait, this is collective bargaining. No one fixes it and there is no where to go.

Re:The risks are to their customers, not them

[sl3xd]

That's making a few (dangerous) assumptions:

1. That actors involved will always act rationally, or at least in their own self interest. History proves that to be false, because "Humans."
2. Customers can sue to recover damages. (ie. Mandatory 'arbitration' clauses removing your ability to sue; arbiters rarely side with customers.)

Also... just what rules and regulations are forcing the carriers to use SS7? Absolutely none. SS7 is an interoperable standard that's very convenient for the industry. The industry has long known that SS7 is ancient and insecure, and has begun transitioning to a designated replacement: DIAMETER.

Right now, SS7 can be used by foreign powers to eavesdrop on Capital Hill, including transparently forwarding calls (effectively a wiretap), intercepting text messages, and more.

That is not a small security hole, it's not limited to a few users, and there are actual attacks happening.

In other words, it's a threat to "Homeland Security," something the DHS is supposed to care about.

Here, the DHS is saying "It's time to recognize that SS7 is a threat to National Security. It's time to encourage a faster transition to its replacement."

SS7 is NOT a Mobile Data Backbone!!!

[williamyf]

For the last fileSytemChecking time! SS7 IS NOT a "Mobile Data Backbone"

SS7 is a SIGNALING protocol. Think of ICMP+OSPF+BGP... this is used for the "Switches" in the telecom network to coordinate among themselves, and NOT to carry data (unless you consider SMSs data). Very important, yes. I'd dare say critical. But, Mobile Data Backbone... NO!

Call it something other than Mobile Data BackBone.

Re:SS7 is NOT a Mobile Data Backbone!!!

[Strider-]

The issue is with people who use SMS as part of their 2FA, among others.

In the bank account thing, the attackers were able to breach the victim's computer to gain the initial credentials. They then used a compromise of the SS7 signalling to intercept the SMS message from the bank, obstensibly to the victim, to get the password to unlock the account. In effect, the Bank's 2FA wasn't proper, because they trusted the network to do the right thing, and didn't ensure that the password went to the account holder's device.