22 May 2017

CYBER THIEVES NOW EXPLOITING SS7 FLAWS TO HACK SMARTPHONE TWO-FACTOR AUTHENTICATION SYSTEMS; SYSTEMS THAT CAN SECRETLY TRACK YOUR MOVEMENTS VIA YOUR CELLPHONE FOR SALE ON THE WEB


“Every breath you take, every move you make, move you make, every step you take…..I’ll be watching you,” are the lyrics to the 1983 song, ‘Every Breath You Take,’ by the group – The Police. A song, no doubt, that George Orwell would appreciate. Technology can be a wonderful thing; and, open up so many possibilities for enriching our lives — that heretofore were not available to many millions, if not billions of people around the globe. But, as with most things in life, along with the good, there is also the bad. 

Craig Timberg’s August 14, 2014 article, “For Sale: Systems That Can Secretly Track Where Cellphone Users Go Around The Globe,” highlighted the fact that “makers of surveillance systems were offering governments across the globe, the ability to track the movements of almost anybody who carries a cell phone — whether they are blocks away, or on another continent.” Mr,. Timberg explained that “the technology works by exploiting an essential fact of all cellular networks: They [these devices] must keep detailed, up-to-the-minute records on the locations of their customers to deliver calls and other services to them. Surveillance systems are secretly collecting these records to map people’s travels over days, weeks, or longer.” 

The idea that we were being constantly monitored; and, our every movement was being tracked/monitored through our devices such as our mobile phone, wasn’t a secret as Mr. Tamberg wrote at the time — is just wasn’t known by a great many people, nor was it openly discussed and written about. But, software engineers, among others, certainly knew that such a capability existed — but, even they were probably unaware how widespread this vulnerability or flaw was being exploited — by commercial entities who wanted to know our shopping habits, to law enforcement authorities who needed to track a suspect in an investigation, to foreign intelligence agencies, cyber thieves and so on. 

Since Mr. Tamberg’s article, the surveillance landscape has considerably changed — with the advent and widespread use of encryption, applications that erase our digital conversations, as well as a plethora commercially available and affordable devices and techniques that can either hide and/or disguise who we are; and, where we might be at any given time. But, the race between those who are constantly upgrading their surveillance capabilities, versus those who are inventing new techniques and devices to help one stay hidden remains a high-stakes ‘game’ of digital cat-and-mouse that changes almost daily. Which brings me to Mr. Bruce Schneier’s latest blog post (May 10, 2017), “Criminals Are Now Exploiting SS7 Flaws To Hack Smartphone, Two-Factor Authentication Systems,” which can be accessed on his blog — Schneier On Security. 

Cyber Thieves Exploiting SS7 Flaws To Hack Smartphones

Mr. Schneier is considered one of the top cyber security experts in the world. Mr. Schneier writes on his blog today, that he has previously “written about the serious vulnerabilities in the SS7 [mobile] phone routing system. Basically, the system doesn’t authenticate messages. Now, criminals are using it to hack smartphone-based-two-factor-authentication: In short, the issue with [the] SS7 is that the network believes whatever you tell it. SS7 is especially used for data-roaming; when a phone user goes outside their own provider’s coverage; messages still need to get to them. But, anyone with SS7 access, which can be purchased for around 1,000 Euros – according to The Suddeutsche Zeitung can send a routing request; and, the network may not authenticate where the message is coming from,” Mr. Schneier wrote.

“That allows the attacker to direct a target’s text messages to another device; and in the case of the bank accounts, steal any codes needed to login, or green-light money transfers (after the hackers obtained victims passwords),” Mr. Schneier warns.

No one should be surprised by this latest vulnerability. Anything connected to the Internet of Things (IoT) is subject to being hacked. Stand-alone machines, encryption, utilizing best hygiene practices, two-step authentication, strong password adherence, etc. can all substantially decrease the chances of a hack or breach; but, I do not know of anything that is impregnable. Much as the Maginot Line failed miserably, even our best cyber security protection measures — given a sophisticated and determined adversary — especially nation-state spy agencies, cyber criminal mafias, cyber ‘patriots,’ and the cyber lone wolf. You must always assume your network is dirty — to some degree — and go from there. Just because some cyber expert, or anti-virus program tells you your device or system is clean…..doesn’t mean that it is. Industrial grade stealth malware has been offered for sale on the Dark Web and elsewhere; and, there are even hackers for hire who will perform a hack of your target for a price, of course. Clever stay-behinds, stealth malware, Trojan Horses, implants, and so on, act as the ‘gift that keeps on giving’ for these darker cyber angels of our nature. Never assume your network is entirely clean. To do otherwise invites strategic and potentially catastrophic surprise. Remember, the best cyber thieves…….haven’t been caught yet.

No comments: