Hackers Spied on US Congressman’s Smartphone
With US Congressman Ted Lieu’s permission for a piece broadcast Sunday night by 60 Minutes, Karsten Nohl of German Security Research Labs was able to intercept his iPhone, record phone call made from his phone to a reporter, and track his precise location in real-time.
During the phone call about the cell phone network hacking, Lieu said: “First, it’s really creepy, and second, it makes me angry.”
“Last year, the President of the United States called me on my phone, and we discussed some issues,” he added. “So if hackers were listening in, they’d know that phone conversation, and that is immensely troubling.”
What’s more awful is that the designing flaws in SS7 have been in circulation since 2014, when the same German researchers’ team alerted the world to it. Some flaws were patched, but few apparently remain or intentionally left, as some observers argue, for governments to snoop on its targets.
The major problem with SS7 is that if any one of the telecom operators is hacked or employs a rogue admin, a large scale of information, including voice calls, text messages, billing information, relaying metadata and subscriber data, is wide open to interception.
The weakness affects all phones, whether it’s iOS, Android, or whatever, and is a major security issue. Although the network operators are unwilling or unable to patch the hole, there is little the smartphone users can do.
How Can You Avoid this Hack?
The best mitigation is to use communication apps – that offers “end-to-end encryption” to encrypt your data before it leaves your smartphone – over your phone’s standard calling feature.
Lieu, who sits on House subcommittees for information technology and national security, also argues for Strong Encryption that, according to the Federal Bureau of Investigation (FBI), make it harder to solve crimes.
Lieu strongly criticized the United States agencies, if any, that may have ignored such serious vulnerabilities that affect Billions of cellular customers.
“The people who knew about this flaw [or flaws] should be fired,” Lieu said on the show. “You can’t have 300-some Million Americans—and really, right, the global citizenry — be at risk of having their phone conversations intercepted with a known flaw, simply because some intelligence agencies might get some data.”
Few of such apps that are popular and offers end-to-end encryption are Signal, WhatsApp, and Apple’s iMessage service that keep users communications safe from prying eyes and ears.