Saudi Spies Are Tracking Phones in the United States

• Saudi spies are following the movement of their citizens in the United States and various European countries.
• The spies are abusing the SS7 system and get immense volumes of location data from any US carrier.
• Although the dangers of the SS7 flaws are known for years now, nothing has been done to fix them.

As reported by The Guardian, spies from Saudi Arabia are actively exploiting SS7 (Signaling System 7) vulnerabilities that became more widely known over a year ago, and they are reportedly using them to track people in the United States. These attacks were possible for quite some time now, but through the development of newer technologies, intercepting anyone's communications became possible by investing an amount of around $10,000. Thus, SMS routing, position tracking, and communication interception became a tangible possibility for every spy around the globe, including Saudi Arabians in the United States.

The publication reports having obtained a cache of data that contains a massive amount of location information requests. This surveillance campaign was based on drawing data from obsolete SS7 global messaging infrastructure and targeted subscribers of AT&T, Verizon, and T-Mobile. The targets of this campaign were Saudi Arabians who visited the United States. The tracking requests originate from Saudi Telecom, Mobily, and Zain, totaling 2.3 million PSI and PSL (provide subscriber location) requests from November 1, 2019, until March 1, 2020. Possibly, the Saudi regime is worried about what travelers do in Western countries. Still, The Guardian's whistleblower hasn't confirmed that the state is behind this campaign, meaning no fingers can be pointed.

PSI and PSL requests are actually a normal aspect of roaming services, but a large volume of these requests is usually an indicator of spying. Telcos should identify these attempts and block any further requests in these cases, but although US providers claim to have security controls in place, it seems that they aren't effective. Voices in the US, such as that of Senator Ron Wyden, accuse the FCC of doing nothing to force the carriers to ramp up their network security, although he and others have expressed their concerns about SS7 vulnerabilities since 2016.

Last year, we analyzed why fixing the SS7 isn't a simple process, and there are still no concrete plans to plug the MITM holes that exist, which makes things worse. Whether this is done on purpose - as some imply, to keep a surveillance path for intelligence agencies open, or if the SS7 is left unfixed purely due to negligence, it doesn't really make a difference for the consumer. There's a real problem of heinous abuse right now, and the stories that surface are just the tip of the iceberg. Considering that the subscribers can do nothing to protect themselves against these flaws, it is finally time for the regulators to step in and impose stricter regulation.