Global Mobile Networks are Vulnerable to Security Bugs

A new study shows how mobile networks around the world have been hacked via bugs in the code

• By Matt Holden
• Oct 15, 2015

Bugs that could potentially carry out large scale fraud and unlawful surveillance have been discovered in a new study by Adaptive Mobile, according to a report. These bugs were found in every territory studied, and were likely developed by criminals and/or governments by bugs inserted into the code.

These bugs are introduced by way of the Signalling System 7 (SS7), a system that connects mobile networks around the world.

"The SS7 technology is a huge pervasive network that spans the world," said Cathal McDaid, head of Adaptive Mobile’s threat intelligence unit. "More people use it on a daily basis than use the internet."

Other research had already identified SS7 as a potential weakness, noting the way it had been implemented.

Hackers can trick mobile providers by rigging the billing system into giving them cheaper international calls and roaming. These same loopholes can be used for more dangerous activities, such as tracking users and listening in on calls.

On the government side, SS7 flaws were found to redirect conversations on Ukraine’s mobile network to a Russian mobile operator.