Researchers recently showed that the SS7 protocol, which routes calls between switching centers, is insecure. Is that the case? If so, what security measures could be put in place to mitigate the threat?
Developed in 1975, SS7 (which stands for Signaling System No. 7) is a signaling protocol that allows carriers to set up and tear down phone line connections, translate phone numbers and, yes, carry SMS -- the ubiquitous texting protocol we all use every day.
The attack in question is essentially a man-in-the-middle attack on cell phone communications that, among other things, exploits the lack of authentication in the communication protocols that run on top of SS7. Given the proper access, criminal hackers or government spies could track cell phone users' movements and communications.
But here's the catch: you need SS7 access from a network operator or telecommunications provider -- not something your everyday criminal hacker has easy access to. But, certainly, every government that desires to spy on its citizens can access these networks and do as it wishes.
So what can you do to prevent issues involving the SS7 protocol?
If you're afraid of an attacker with ill intent targeting your employees (especially executives) or you don't want your users to be spied on, you can have them stop talking and texting on their cell phones. I know this sounds tongue-in-cheek, but what's the alternative? Super-secretive messaging over proprietary protocols and systems? The Blackphone? Skype? Outside of the carriers and telecom vendors changing the way things work, I don't know that there's a reasonable way to prevent such eavesdropping. That's like expecting Microsoft to drop the Windows NT-based registry or the decades-old SMB protocol in future versions of Windows to help prevent attacks. I don't think it's going to happen.