Mobile Phone intercept, it’s not new

A 60 Minutes report demonstrated how mobile networks could be intercepted and that this has been an open secret within intelligence agencies.

Mobile intercepts are done by accessing the mobile network infrastructure shared by providers across the world. The mobile infrastructure utilise a protocol called SS7 that handles call connections and subscriber information. So, anyone with access to SS7 can intercept subscribers on the network just about anywhere in the world.

Demonstration on base band weaknesses was made as early as 2010, Karsten Nohl the person who demonstrated this to 60 Minutes presented his findings in 2010 and again in 2014. If you have thought about it, chances are that someone else has as well. In this case, intelligence agencies.

Why is this not a big deal?

Just as providers and adversaries could intercept landlines through a PBX, wire taps and even exchanges, surely the same principles/assumptions would exist for mobile technologies?

All the same information security networking rules apply: if you have anything of importance to transmit over a 3rd party network, assume that the 3rd party is not trusted and make sure you have some sort of end to end encryption in place (like the couplers used in spy movies) or use an alternative method.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s