PINDROP BLOG

Congress Pushes DHS For Answers on SS7 Security

A year after flaws in SS7, one of the underlying protocols in the cell network came to the public’s attention, two powerful members of Congress are asking the secretary of Homeland Security how DHS has addressed the threat and whether the department has sufficient resources to detect and defeat SS7-related attacks.

The flaws in SS7, a protocol that’s designed to connect various telecom carriers, can enable anyone with access to the system to carry out discreet surveillance against a victim, knowing only the target’s phone number. Many people at each of the carriers have access to the system, and security researchers have been warning about the problem for years. Last year, researchers demonstrated an attack on the phone of Rep. Ted Lieu (D-Calif.) using this technique, prompting Lieu to call on congressional leaders to address the issue.

Now, a year later, Lieu and Sen. Ron Wyden (D-Ore.) have sent a letter to John F. Kelly, secretary of Homeland Security, to detail what the department has done to address the SS7 problem and whether the federal government understands how this vulnerability could be used for surveillance.

“We are deeply concerned that the security of America’s telecommunications infrastructure is not getting the attention it deserves. Although there have been a few news stories about this topic, we suspect that most Americans simply have no idea how easy it is for a relatively sophisticated adversary to track their movements, tap their calls, and hack their smartphones. We are also concerned that the government has not adequately considered the counterintelligence threat posed by SS7-enabled surveillance,” the letter says.

In the letter, Lieu and Wyden ask Kelly to submit answers to several questions, including:

  1. Do you have any reason to doubt the significance of the SS7-enabled surveillance threat?
  2. What resources has DHS allocated to identifying and addressing SS7-related threats? Are these resources sufficient to protect U.S. government officials and the private sector?
  3. Have U.S. wireless carriers provided all necessary assistance in determining the extent to which their networks are vulnerable, and the extent to which SS7-enabled access to their cellular networks has been exploited by foreign adversaries?

Both Lieu and Wyden have been vocal on security, privacy, and surveillance issues for several years, and they say in the letter that the extent of the problem with SS7 is likely unknown to most Americans. Most users likely have no idea that the SS7 system exists, let alone what security problems it has. One of the main issues is that SS7 isn’t owned by any corporation and no single regulatory body has authority over it, so addressing the problems isn’t the responsibility of any specific organization.