Phone network hack means anyone can listen in on any mobile call

Old technology that allows mobile calls has vulnerability that could allow hackers to track your location all the time

Andrew Griffin
Friday 19 December 2014 15:39 GMT
Comments
Stephen Fry, life-long Apple lover, reviews the iPhone 6
Stephen Fry, life-long Apple lover, reviews the iPhone 6

A weakness in the network that enables mobile phone calls means hackers can listen in on any call and find the location of users – and researchers are unclear about how much the vulnerability has already been used.

The flaws make use of a vulnerability in SS7, the global network that allows companies to send calls, texts and other services to each other, reports the Washington Post.

The vulnerabilities are actually functions that are supposed to be used for other purposes, like keeping calls connected as users as they drive down motorways, that hackers re-purposes to allow access to the calls themselves.

Using the vulnerabilities can give hackers access to callers locations and phone calls.

Read More: Compare providers and find the best deals with our Mobile Phone Deals page

SS7, despite still being key to mobile phone’s functions, was built in the 1980s and is still riddled with serious vulnerabilities. But because it is the foundation of mobile phone systems, even as companies invest billions of pounds into new security and encryption techniques the problems will continue to exist.

The network is used worldwide, meaning that hackers do not even need to be anywhere near users’ phones to break into them.

The flaws will be reported at a hacker conference in Hamburg later this month. That will mark the first time that the vulnerability will be revealed to the public, but the vulnerability is likely to have been exploited already.

“I doubt we are the first ones in the world who realize how open the SS7 network is,” Tobias Engel, one of the German researchers that found the flaw, said.

Security experts recommend avoiding using mobile phones for any calls that contain sensitive information or that you would not like people to listen in on, according to Gizmodo.

"Don't use the telephone service provided by the phone company for voice. The voice channel they offer is not secure," the Alliance for Civil Liberties Union's principle technologist Christopher Soghoian told the gadget blog. Soghoian recommended using internet-based technologies like FaceTime, which is available on any iPhone, rather than mobile phone calls.

The researchers responsible for revealing the hack said that using a landline was also a much safer way of avoiding the problem.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in