Cellphone surveillance systems can track almost anybody
Posted on 26 August 2014.
The surveillance tech industry is booming, and we should be worried about it.

Poorly regulated and exceedingly secretive, the companies that create surveillance solutions for law enforcement and intelligence agencies may say that they are vetting their customers carefully, but the depressing reality is that their tools can easily find their way into the hands of repressive regimes.

Among these tools are those that take advantage of the system that allows cellular networks to exchange records about users in order to provide adequate cellular service wherever they are, and use it to pinpoint the target's location (past and present).

The SS7, as this global network is called, is unfortunately vulnerable.

"The system was built decades ago, when only a few large carriers controlled the bulk of global phone traffic. Now thousands of companies use SS7 to provide services to billions of phones and other mobile devices, security experts say," explains WP's Craig Timberg.

"All of these companies have access to the network and can send queries to other companies on the SS7 system, making the entire network more vulnerable to exploitation. Any one of these companies could share its access with others, including makers of surveillance systems."

If you take into consideration that there are many carriers that practically can't refuse a request for access from their government, you can see how governments that have not yet developed similar surveillance systems could easily acquire the option.

According to a source within the industry, dozens of countries have bought or leased this surveillance technology in the last few years.

By taking a look at the otherwise secret marketing brochures for such tools, Timberg discovered that some of the companies that sell them are advising their customers to pair them with stingrays - devices that allow law enforcement to mimic a cell tower, and when a suspect's phone connects to it, to track his position, and sometimes even intercept his phone calls and text messages.

Also, that they are not above noting that their tool can be used to get the needed data in case a cellular operator decides not to play ball.

Privacy advocates are not only worried by governments getting their hands on these systems, but also about hackers and criminal gangs using it.









Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //