Hackers Track Your Phone No Matter What Security Measures You Take
A flaw in one part of the global cellphone network allows hackers to track phone locations and listen in on calls and text messages, 60 Minutes reported Sunday.
Hackers in Germany used the weakness in Signaling System Seven, or SS7, which carriers use to exchange billing information for roaming customers, in a demonstration to track and tap the calls of U.S. Rep. Ted Lieu (D-Calif.). 60 Minutes arranged the demonstration and Lieu knew hackers would be trying to tap his iPhone.
Anyone in the U.S. government intelligence community who knew about the flaw and did nothing to fix it should be fired, Lieu said on the program.
Get Data Sheet, Fortune's technology newsletter.
“You cannot have 300-some million Americans--and really, right, the global citizenry--be at risk of having their phone conversations intercepted with a known flaw, simply because some intelligence agencies might get some data,” he said. “That is not acceptable.”
The SS7 hack can’t be blocked by ordinary phone security measures, such as using a passcode or encrypting the contents of the phone. Even turning off GPS-based location tracking wouldn’t help, as the hackers rely on location data from the cellphone network itself.
Mobile network operators can take steps to block hackers from exploiting the SS7 weakness, but not all have done so successfully. Congressman Lieu was using a U.S. network in Los Angeles that 60 Minutes did not identify.
Fortune asked CTIA, the U.S. mobile industry’s trade group, for a comment. This story will be updated with their response when it is received.
The program wasn’t the first to report on the SS7 vulnerability. The Washington Post reported in 2014 that German hackers had uncovered the problem and revealed it at a conference in Hamburg.
See original article on Fortune.com
More from Fortune.com
