A security flaw in mobile phones could expose smart phone users to theft of their data, bugging of their calls and geo tracking of their location by hackers, fraudsters, rogue governments and commercial operators. The risk comes from flaws in the architecture of the cellular signalling system, called SS7, 60 Minutes reports.
A group of German hackers were given temporary legal access to SS7 to prove how easy it is to invade the privacy of a mobile phone user in a demonstration for 60 Minutes.
They managed to intercept a phone conversation from Germany to Independent Australian Senator Nick Xenophon who was at Australia’s Parliament House, and participating in the story. The hackers also intercepted and read the Senator’s text messages before geo-tracking him as he travelled to Japan, able to map his position within a range of 100 metres.
Australian telecommunications company Telstra acknowledged the flaws in the SS7 system. “Like any protocol, SS7 is vulnerable to exploitation by sophisticated and well-funded third parties with criminal intentions,” it said in a statement.
“In recognition of this we have network monitoring in place, not just with reference to SS7, and where we detect unusual or suspected illegal activity we take action and report this to relevant authorities.” Senator Xenophon was outraged by the vulnerability of mobile phone security and called for an immediate inquiry.
“This is actually quite shocking because it affects everyone, it means anyone with a mobile phone can be hacked, can be bugged, can be harassed,” he said. “The implications of it are enormous and what we find shocking is that the security services, the intelligence services, they know about this vulnerability.”