Hackers Have Been Stealing User Data From Global Cell Networks Since 2012
from the whoops-a-daisy dept
We’ve noted for a long time that the wireless industry is prone to being fairly lax on security and consumer privacy. One example is the recent rabbit hole of a scandal related to the industry’s treatment of user location data, which carriers have long sold to a wide array of middlemen without much thought as to how this data could be (and routinely is) abused. Another example is the industry’s refusal to address the longstanding flaws in Signaling System 7 (SS7, or Common Channel Signalling System 7 in the US), a series of protocols hackers can exploit to track user location, dodge encryption, and even record private conversations.
This week, carriers were once again exposed for not being the shining beacons of security they tend to advertise themselves as. A new report emerged this week showcasing how, for years, hackers have been exploiting substandard security at more than 10 global wireless carriers to obtain massive troves of data on specific targets of interest. Researchers at Boston-based Cybereason, who first discovered the operation, say the hackers exploited a vulnerability on an internet-connected web server to gain a foothold into each cell providers internal network. Once inside, they exploited numerous machines to gain a deeper and deeper access to the cell network:
“You could see straight away that they know what they?re after,? said Amit Serper, head of security research at Cybereason. ?They would exploit one machine that was publicly accessible through the internet, dump the credentials from that machine, use the credentials stolen from the first machine and repeat the whole process several times.?
Once the hackers gained access to the domain controller, the hackers had control of the entire network. ?Everything is completely owned,? said Serper.
Comforting! Hackers, presumed to likely be state actors pilfering user data invisibly, then extracted gigabytes of data on targets without having to install malware on the target’s local phone. It’s not clear which state actors were involved; researchers suggest it was either China, or somebody eager to make it appear it was China:
“Cybereason did say it was with ?very high probability? that the hackers were backed by a nation state but the researchers were reluctant to definitively pin the blame.
The tools and the techniques ? such as the malware used by the hackers ? appeared to be ?textbook APT 10,? referring to a hacker group believed to be backed by China, but Div said it was either APT 10, ?or someone that wants us to go public and say it?s [APT 10].”
So far the researchers say no North American cell providers have been confirmed as targets, but given the stealth nature of the intrusions and how long they were being conducted without detection, that’s likely no guarantee intrusions didn’t happen all the same. The full report indicates this effort has been underway since at least 2012, again highlighting how global cellular networks may not quite be the bastions of security wireless carriers often profess them to be.
Filed Under: data, hackers, mobile networks, ss7
Comments on “Hackers Have Been Stealing User Data From Global Cell Networks Since 2012”
It appears to possibly be China
Soo, it’s the US. Great job guys! What have those foreign diplomats been discussing?
Are these the guys who exposed various celeb nudes?
So... not stealing?
The hackers might have done us a service had they’d stolen the data—then the telcos and intelligence agencies couldn’t have accessed them. What the article describes looks more like copying than theft, and while it’s not surprising that a reporter would conflate these, I expect Techdirt to know better.
Re: So... not stealing?
I guess it depends.
By their own definitions, yes stealing.
By that which everyone else uses as definitions, no – not stealing.
Fake Definitions
Revelation it was NSA code that was accidentally handed out on fortune cookies in 3….2….
SS7
Back in the day AT&T needed to modernize control of the voice network to keep it functioning. Bell labs invented SS7 and implemented it (back then there was only AT&T)! They were happy with SS7 so they published a complete documentation of it. This led to the phone preaking movement. It’s too late to undo this mistake and impossible to fix the system, where AT&T could say "this is SS7 like it or don’t do phone business", now no one can say that!
The ‘net had the potential for fixing the problem, instead the Telcos simply built them into the ‘net!
Re: SS7
What? SS7 nearly killed phreaking, which is believed to have started around 1957. The inband 2600 Hz tone was discovered by accident but the phreaks found the MF tones in the Bell System Technical Journal. SS7 didn’t come till 1975.
It’s obviously either China or somebody else.
Blegh! Obviously!