- SS7 attacks are no longer an exclusivity of intelligence agencies, as cyber-criminals are doing it at novel rates.
- Attackers can perform paid man-in-the-middle attacks, intercepting calls and SMS messages, or even locating a SIM number.
- No plans to change the network and communications infrastructure are underway, so banks are turning to phone apps for safer authentication.
According to a Motherboard report, hackers and cyber-criminals have now entered the shindig of exploiting SS7 in telecommunication networks, getting their hands to the SMS and calls of unaware people, and to do so in the context of offering a service. This means, that for an amount of money of around $10k, one can buy SMS routing services from hackers and intercept the communications of anyone you want. While many of these SS7 hacking service offerings are fake, the number of those who are true providers of what they promise is getting out of proportion.
SS7 attacks are a type of an exploit that leverages a vulnerability in the design of the signaling system 7, used by all cellphone telecommunication network operators. These attacks can enable their actors to intercept calls, SMS messages, and even locate a device. The security of the SS7 design is based solely on trust, and intelligence agencies have been using this “open door” to conduct eavesdropping operations for many years now. That said, the SS7 problem is a well-known one, but until today, its exploitation was being done by supposedly non-threatening surveillance parties, like national governments.
As expected, SS7 services are not bought by people who want to see if their spouse is cheating on them (although that’s a possibility), but for targeting high-yielding people and overriding any two-factor authentication systems that are in place as protection measures. Many banks and other key online service providers are using SMS as a form of authentication, so if the actors already have a person’s login credentials, all they need to do is to input the authentication code intercepted through SS7, before the target even realizes what happened. In fact, this has already happened multiple times in the last two years, drawing money from bank accounts in Germany, the US, the UK, and other places from around the world.
With many banks having already experienced SS7 attacks in multiple occasions, they have now opted to use apps for authentication instead of SMS messages. Telecommunication providers like Vodafone claim to have implemented specific security measures to protect their customers against SS7 vulnerabilities in their network, but those who seek the aforementioned services in the black market claim that no service-provider limitations are present, so everyone can allegedly be hacked. While there are SS7 firewalls and attack detection systems in place, there is still room for exploitation, as this is the intrinsic characteristic of the SS7 design that allows people to seamlessly and quickly connect with each other.
For now, no plans to reassess the SS7 are in processing, so our security relies on whether someone has a reason to launch a man-in-the-middle attack against us or not. If more hacking groups populate this stage, which is something that is already ongoing, the services will get cheaper to buy, and so more SS7 attacks will be carried out against anyone.