A report from CBS’ 60 Minutes over the weekend highlighted a disturbing vulnerability in modern cellular communications, specifically the SS7 protocol used for voice, text and billing, that could apparently give out a great deal of user information with the only requirement being for the hacker to have the phone number of their intended target. Demonstrated originally by German security research Karsten Nohl, the hack was brought to public attention when CBS gave U.S. Congressman Ted Lieu of California an iPhone that would serve as a target. Nohl and his team were able to gather info such as who Lieu contacted, the content of SMS messages and the locations of everybody involved. Over a year after the hack was originally reported, it had yet to be patched. Some say this is due to international intelligence agencies using the hack themselves and not wanting it patched up.
While U.S. carriers did not want to discuss the matter when our source, Fierce Wireless, asked them for comment, there was one agency who was glad to address the hack. The Cellular Telephone Industries Association, or CTIA, dismissed the demonstration of the hack, saying that the demonstration given required “extraordinary access” to some of the German networks used and would not reflect the current state of mobile network security in the U.S., despite the test target for the demonstration being on U.S. soil. Instead, they maintained that the security hole was null and void in the United States. It should be noted that the iPhone that Congressman Lieu was given was not under end to end encryption, or any more encryption than most users have on an every day basis.
Congressman Lieu, on the other hand, has made a motion to open up a congressional investigation into the vulnerability, how secure American airwaves are and how the hole can be patched up. According to Lieu, the possible applications for a hack of this nature are vast and it should be a priority to address the vulnerability. He wants it looked into by the House Oversight and Government Reform Committee, which he happens to be a member of. Given that this vulnerability was made very public and went mostly unaddressed, as well as the fact that there are whispers that the vulnerability may be a government tool of sorts, nobody can really guess whether the investigation will get off the ground.