PINDROP BLOG

Lieu Pushes for Congress to Look at SS7 Security Flaw

Rep. Ted Lieu, who has been one of the loudest voices in Congress on security and privacy issues, is urging the House Committee on Oversight and Government Reform to look into the vulnerabilities in the SS7 phone protocol that allowed researchers to track and compromise Lieu’s phone in a demonstration this week.

The letter comes days after the demo, which was done on 60 Minutes over the weekend with Lieu’s cooperation. The attack had less to do with the iPhone Lieu was using in California than the problems with the Signaling System 7 protocol, a system that’s used to connect and help telecom carriers communicate. Security researchers in Germany, knowing only the number of Lieu’s iPhone, were able to take advantage of weaknesses in the SS7 protocol to track Lieu’s movements and listen to and record conversations on the iPhone.

What the researchers showed was that anyone who can access SS7, which includes a lot of employees at hundreds of global telecoms, can find data on subscribers and ultimately do what they did to Lieu. In the piece, Lieu called the demo “creepy”, and in his letter to the leaders of the Oversight and Government Reform committee he said the problems “threaten personal privacy, economic competitiveness and U.S. national security.”

Security researchers have known about the issues with SS7 for several years and there have been talks on the problems and demonstrations of attacks at various conferences. But Lieu hopes that his demonstration and the attention from Congress will bring the problem into the daylight and push carriers to fix it.

“The applications for this vulnerability are seemingly limitless, from criminals monitoring individual targets to foreign entities committing economic espionage on American companies to nation states monitoring U.S. government officials,” Lieu’s letter says. “The vulnerability has serious ramifications not only for individual privacy, but also for American innovation, competitiveness and national security. Many innovations in digital security–such as multi-factor authentication using text messages–may be rendered useless.

One of the problems with fixing the bugs in SS7 is that no one entity is responsible for it. The system is actually a group of protocols that helps carriers communicate and, like many things in the telecom world, it was designed decades ago and has evolved over the years. But the security of the system hasn’t kept up with the capabilities of researchers and attackers, as Lieu discovered. German researcher Karsten Nohl, who illustrated the problems in the 60 Minutes piece, has spoken publicly about them before, as have other researchers.

Now, Lieu (D-Calif.) is pushing his colleagues in the House of Representatives to look into the problem.

“I strongly believe that the action by the House Committee on Oversight and Government Reform is needed to examine the full scope and implications of the SS7 security flaw,” he wrote.