On Sunday, the Washington Post published a startling report that described how private companies who sell surveillance systems are marketing them to governments around the world, providing the means to track the movements of anyone who carries a cell phone — here or abroad.
A set of network protocols known as Signaling System No. 7 (SS7) allows cell phone carriers to collect location information from cell phone towers and share it with each other. So a US carrier can find a customer even if he or she travels to another country. From Wikipedia,
Inasmuch as SS7 was not designed with security in mind, surveillance technology within the capabilities of non-state actors can be used to track the movements of cell phone users from virtually anywhere in the world with a success rate of approximately 70%
The Washington Post article says that marketers of surveillance systems also now have access to SS7, so that purchasers of these systems can home in on cell phone users’ locations as precisely as within a couple of city blocks (or in rural areas, a couple of miles). These systems can even detect how fast a person on a city street is walking, or the speed a person’s car is traveling!
According to Mother Jones, the carriers’ privacy policies aren’t protecting us very much, if at all.
But telecommunications networks have become so complex that it would cost billions to install new security measures to defend against these surveillance systems, and these measures might negatively impact functioning of basic services like routing calls, text messages, and Internet access to customers.
The tracking systems use queries sent over the SS7 network to ask carriers what cell tower a customer has used most recently. Carriers configure their systems to transmit such information only to trusted companies that need it to direct calls or other telecommunications services to customers. But the protections against unintended access are weak and easily defeated, said Engel and other researchers.
By repeatedly collecting this location data, the tracking systems can show whether a person is walking down a city street or driving down a highway, or whether the person has recently taken a flight to a new city or country.
An anonymous industry representative reveals that dozens of countries have either bought or leased this technology in recent years, demonstrating clearly how the surveillance industry has made super-spying technology available around the world. Needless to say, it is a very profitable industry these days, and it could easily be in use by some pretty bad actors — or it already is. NSA, I’m looking in your direction!
Companies that market SS7 tracking systems recommend using them paired with International Mobile Security Identity (IMSI) catchers, surveillance devices that use signals collected directly from the air to intercept calls and Internet traffic, send fake texts, install spyware — and determine precise locations. (IMSI is a unique identifying code on each cellular phone.) IMSI catchers are often called by a trade name, “Stingray,” and are produced by several major surveillance companies and widely used by police and intelligence services around the world. From WaPo:
The FCC recently created an internal task force to study misuse of IMSI catchers by criminal gangs and foreign intelligence agencies, which reportedly have used the systems to spy on American citizens, businesses and diplomats.
U.S. Rep. Alan Grayson wrote a letter to FCC Chairman Tom Wheeler with questions about the vulnerability of cellular networks to interception and hacking, prompted by news reports in the Washington Post, Newsweek, and the Harvard Journal of Law and Technology [PDF].
“Americans have a reasonable expectation of privacy in their communications, and in information about where they go and with whom they communicate,” Grayson wrote to Wheeler in July. “It is extremely troubling to learn that cellular communications are so poorly secured, and that it is so easy to intercept calls and track people’s phones.”
Gee, ya think?