By [1]David DiMolfetta

  | March 28, 2024

The protocols are a cornerstone of wireless communications but may contain
flaws that enable hackers to tap into Americans’ mobile activities, the
agency says.

    * [2]FCC
    * [3]Telecom

  The Federal Communications Commission is asking communications service
  providers to give the agency a progress update on how they are
  refurbishing their networks to prevent spies and cybercriminals from
  exploiting protocols that could let bad actors track targets.

  The FCC has been working to reduce vulnerabilities in the Signaling
  System No. 7 — or SS7 — protocol, as well as the Diameter protocol, a
  pair of foundational wireless signal functionalities that enable phone
  calls, text messages and other communications to travel across
  different network layers uninterrupted.

  SS7 and Diameter have [4]frequently made headlines for flaws in their
  algorithms that could potentially let hackers tether their own
  communications streams to Americans’ conversations, allowing them to
  spy on and track individuals, including journalists, politicians or
  political dissidents. SS7 and Diameter are considered vital tools that
  enable modern wireless communications, especially over roaming networks
  for individuals traveling abroad, but such protocols have not been
  fully augmented to meet modern encryption standards, the agency argues.

  The FCC is [5]asking providers to detail what steps they’ve taken to
  prevent customer spying over SS7 and Diameter, and also asks them to
  reveal known instances in which targets were successfully compromised.

  The inquiry comes a month after privacy hawk Ron Wyden, a Democratic
  senator from Oregon who sits on the Senate Intelligence Community,
  [6]asked the Biden administration to look into the matter.

  “America needs to ramp up our defenses against mercenary surveillance
  companies that help foreign dictators threaten U.S. national security,
  human rights and journalists working to expose wrongdoing,” Wyden said
  in response to the inquiry that was launched Wednesday.

  SS7 flaws became front and center concerns in April 2016, when German
  researchers in a demonstration exploited the protocol to [7]track the
  location and communications of Rep. Ted Lieu.

  Lieu, later that year, urged the FCC to [8]expedite an investigation
  into SS7 flaws after Russian operatives [9]hacked into the Republican
  and Democratic Congressional Campaign Committees.

  Lieu’s office did not respond to a request for comment about the new
  FCC inquiry by publishing time.

References

  1. https://www.nextgov.com/voices/david-dimolfetta/25968/?oref=ng-post-author?oref=rf-post-author
  2. https://www.nextgov.com/topic/fcc/?oref=ng-article-topics
  3. https://www.nextgov.com/topic/telecom/?oref=ng-article-topics
  4. https://cyberscoop.com/ss7-stingrays-imsi-catchers-chris-krebs-dhs-ron-wyden/
  5. https://www.fcc.gov/document/pshsb-seeks-comment-implementation-security-protocols
  6. https://www.wyden.senate.gov/news/press-releases/wyden-urges-biden-administration-to-crack-down-on-surveillance-companies-and-shore-up-security-of-wireless-networks
  7. https://www.theguardian.com/technology/2016/apr/18/phone-number-hacker-read-texts-listen-calls-track-you
  8. https://lieu.house.gov/media-center/press-releases/congressman-lieu-requests-update-expedited-investigation-fcc-ss7-flaw
  9. https://www.nbcnews.com/news/us-news/hack-democratic-congressional-campaign-committee-tied-earlier-breach-n619786

You are viewing proxied material from 1436.ninja. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.