Unsecure Cellular Infrastructure protocols
April 12, 2022•228 words
If at war, If it’s legacy, it will be fallback.
SS7 protocol. Used widely, but consIdered legacy. Some copypasta (first point-mg) and my brain:
*Introduced and adopted in the mid 70s, SS7 (Common Channel Signaling System No. 7 or C7) has been the industry standard since, and hasn’t advanced much in decades.
*The SS7 protocol is used everywhere, and is the leading protocol for connecting network communication worldwide. Because it is so prevalent, used by both intelligence agencies and mobile operators.
-all cellular subscriber phone data from communication to location, ALL, is privy to operators and… intelligence agencies. Yes intelligence. For a fact. Great to find out. And we thought Pegasus was a thing?
*The set of SS7 telephony signaling protocols is responsible for setting up and terminating telephone calls over a digital signaling network to enable wireless cellular and wired connectivity. It is used to initiate most of the world’s public telephone calls over PSTN (Public Switched Telephone Network).
- According to telecommunications experts, all a bad actor would need to successfully launch an SS7 attack are a computer running Linux and the SS7 SDK – both free to download from the Internet. Once connected to an SS7 network, they can target subscribers on the network while fooling the network into thinking the device is actually an MSC/VLR node.
- Oh just Linux and an SDK. Greaaaaaaaaat.