October 16, 2015
Hackers have been known to use all manner of remote access tools to break into mobile phones, often by finding vulnerabilities in an operating system like Android or even in SIM cards. It’s more rare to try and tap into the network infrastructure that routes these calls for mobile operators themselves. Yet new research shows that one nefarious kind of network surveillance is happening too, across the world.
A survey of a handful of large mobile operators on each continent showed that hackers have been exploiting a key signalling protocol for routing cellular calls known as SS7, to track the location of certain mobile users and in some cases, listen in on calls.
Across a range of operators, 0.08% of SS7 packets being sent across a network in Africa were deemed suspicious. In Asia the rate was 0.04% and in the Americas it was 0.025%, according to research by Dublin based research firm Adaptive Mobile.