- Home
- Techniques
- Mobile
- Exploit SS7 to Redirect Phone Calls/SMS
Exploit SS7 to Redirect Phone Calls/SMS
An adversary could exploit signaling system vulnerabilities to redirect calls or text messages (SMS) to a phone number under the attacker's control. The adversary could then act as a man-in-the-middle to intercept or manipulate the communication. [1] [2] [3] [4] [5] Interception of SMS messages could enable adversaries to obtain authentication codes used for multi-factor authentication[6].
Mitigations
Mitigation | Description |
---|---|
Encrypt Network Traffic |
Use of end-to-end encryption of voice calls and text messages "provides another layer in the defense against potential information compromise by SS7 enabled eavesdropping."[5] |
Interconnection Filtering |
Detection
Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation as described by the Communications, Security, Reliability, and Interoperability Council (CSRIC). [5] The CSRIC also suggests threat information sharing between telecommunications industry members.
References
- Positive Technologies. (n.d.). SS7 Attack Discovery. Retrieved December 19, 2016.
- Communications Security, Reliability, Interoperability Council (CSRIC). (2017, March). Working Group 10 Legacy Systems Risk Reductions Final Report. Retrieved May 24, 2017.
- Iain Thomson. (2017, May 3). After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts. Retrieved November 8, 2018.