Hackers Have Been Stealing User Data From Global Cell Networks Since 2012

from the whoops-a-daisy dept

We’ve noted for a long time that the wireless industry is prone to being fairly lax on security and consumer privacy. One example is the recent rabbit hole of a scandal related to the industry’s treatment of user location data, which carriers have long sold to a wide array of middlemen without much thought as to how this data could be (and routinely is) abused. Another example is the industry’s refusal to address the longstanding flaws in Signaling System 7 (SS7, or Common Channel Signalling System 7 in the US), a series of protocols hackers can exploit to track user location, dodge encryption, and even record private conversations.

This week, carriers were once again exposed for not being the shining beacons of security they tend to advertise themselves as. A new report showcases how, for years, hackers have been exploiting substandard security at more than 10 global wireless carriers to obtain massive troves of data on specific targets of interest. Researchers at Boston-based Cybereason, who first discovered the operation, say the hackers exploited a vulnerability on an internet-connected web server to gain a foothold in each cell provider’s internal network. Once inside, they exploited numerous machines to gain deeper and deeper access to the cell network:

“You could see straight away that they know what they’re after,” said Amit Serper, head of security research at Cybereason. “They would exploit one machine that was publicly accessible through the internet, dump the credentials from that machine, use the credentials stolen from the first machine and repeat the whole process several times.”

Once the hackers gained access to the domain controller, the hackers had control of the entire network. “Everything is completely owned,” said Serper.

Comforting! Hackers, presumed to likely be state actors pilfering user data invisibly, then extracted gigabytes of data on targets without having to install malware on the target’s local phone. It’s not clear which state actors were involved; researchers suggest it was either China, or somebody eager to make it appear it was China:

“Cybereason did say it was with ‘very high probability’ that the hackers were backed by a nation state but the researchers were reluctant to definitively pin the blame.

The tools and the techniques – such as the malware used by the hackers – appeared to be ‘textbook APT 10,’ referring to a hacker group believed to be backed by China, but Div said it was either APT 10, ‘or someone that wants us to go public and say it’s [APT 10].’”

So far the researchers say no North American cell providers have been confirmed as targets, but given the stealth nature of the intrusions and how long they were being conducted without detection, that’s likely no guarantee intrusions didn’t happen all the same. The full report indicates this effort has been underway since at least 2012, again highlighting how global cellular networks may not quite be the bastions of security wireless carriers often profess them to be.


Comments on “Hackers Have Been Stealing User Data From Global Cell Networks Since 2012”

Gerald Robinson (profile) says:


Back in the day AT&T needed to modernize control of the voice network to keep it functioning. Bell Labs invented SS7 and implemented it (back then there was only AT&T)! They were happy with SS7 so they published a complete documentation of it. This led to the phone phreaking movement. It’s too late to undo this mistake and impossible to fix the system, where AT&T could say "this is SS7 like it or don’t do phone business", now no one can say that!

The ‘net had the potential for fixing the problem, instead the Telcos simply built them into the ‘net!

Anonymous Coward says:

Re: SS7

They were happy with SS7 so they published a complete documentation of it. This led to the phone phreaking movement.

What? SS7 nearly killed phreaking, which is believed to have started around 1957. The inband 2600 Hz tone was discovered by accident but the phreaks found the MF tones in the Bell System Technical Journal. SS7 didn’t come till 1975.
