Democratic California Congressman Ted Lieu last week urged the FCC to hasten its investigation of security flaws in Signaling System 7 (SS7) in light of the recent foreign hack of the Democratic and Republican Congressional Campaign Committees.
In his letter to FCC Chairman Tom Wheeler, Lieu said the flawed SS7 system provides an open door for foreign hackers who want to intercept the private communications of U.S. government officials.
“The SS7 problem is no longer a theoretical threat,” Lieu wrote. “We now have a mass release of cell phone numbers of Members of Congress likely caused by a Russian government that has full access to utilize the SS7 flaw. Because we don’t know how long the hackers had access to this information, it is very possible nearly half of Congress has already had voice and text data intercepted.”
As well as facing a threat from Russia, Lieu said Congress could also be up against hackers from other “enemy adversaries,” including North Korea and Iran.
Lieu said the consequences of leaving the SS7 flaw unattended could be “severe, both for our national security and the integrity of American elections.”
Lieu asked Wheeler to speed up its SS7 investigation and provide an estimate to congress when such a review might be completed. Lieu also asked for information on what the FCC has already learned about the flaw in SS7 so Congress can appropriately respond to the recent hacks.
Lieu’s request comes four months after the FCC said it would take up an investigation of SS7’s security issues in the wake of an April 60 Minutes report that highlighted flaws in the network. The FCC tasked its Communications Security, Reliability and Interoperability Council (CSRIC) to look into the matter, but gave no date for the investigation’s completion.
The flaw in question was first demonstrated by German hacker Karsten Nohl in 2014 and allows hackers an avenue to gain access to a user’s emails, texts, contacts, phone conversations, location information and other private data using just a phone number.
Though the exact details of how the hack works were not revealed in the 60 Minutes report, CTIA’s vice president of Cybersecurity and Technology John Marinho at the time speculated the special access to carrier networks afforded to Nohl for the report allowed him to recreate one of the highly privileged “peering relationships” the SS7 network is based on. This strategy, Marinho said, would allow an intruder to appear as just another carrier communicating with another carrier.
Back in April, Gigamon Director of Service Provider Solutions Andy Huckridge said knowledge of the SS7 flaw was “nothing new,” but said the transition from SS7 to IP-based technologies pushed the concern to the bottom of operators’ priority lists.
But Lieu’s concerns about foreign hackers aren’t unfounded.
As pointed out by AdaptiveMobile – which consulted with 60 Minutes on its report – the Ukrainian secret service (SBU) in May 2014 published a document detailing a number of suspicious/altered SS7 packets from “telecom network elements with Russian addresses” that were sent to a number of Ukranian mobile subscribers. The SBU’s report said the packets allowed location and possibly other private user information to be revealed.
Filed Under: Industry regulations + certifications