To hack a phone call, read someone else’s text messages, or track their location, all that you need is their phone number; it doesn’t matter where they are, the mobile network they are subscribed to, or the phone model they are using. It doesn’t matter whether they have enabled or disabled the GPS, installed anti-tracking Apps, or installed the latest and most powerful anti-virus protection software. To demonstrate how this works, German security researcher Karsten Nohl “tracked a brand new phone given to US congressman Ted Lieu in California from his base in Berlin using only its phone number. Nohl pinpointed Lieu’s movements down to districts within Los Angeles, read his messages and recorded phone calls between Lieu and his staff”, reported The Guardian.
This is how SS7 works: Foremost, SS7 or Signalling System No. 7 is a protocol suite used by many telecommunication operators throughout the world to talk with each other. The SS7 allows for the setup and termination of phone calls between two or more telecommunication networks. The SS7 system is what allows a call from one network like Safaricom to be routed to another network like MTN in Uganda and reach the intended recipient.
The SS7 network has been shown to be open, meaning anyone with the right instruments can hack a phone call and listen to or even divert them. If you have the right instruments, you can also be able to read text messages and track location of your target. The reason SS7 is open for anyone to access is because when the protocol was developed and implemented back in 1975, there were only few telecoms operators, and they were either state controlled or really big corporations who trusted each other, so no authentication was built in; and this vulnerability has allowed anyone who operates like a telecommunication operator (e.g. using VoIP technologies like those SIM boxes that CA impounded the other day) to be able to hack to phone conversations at will.
In order therefore to hack a phone call, read a text message or track location of a target, you need to have access to this SS7 network through a surveillance software like the one sold by Verint Systems Inc, but to be able to buy such software you need to have a lot of money. ““Any tin-pot dictator with enough money to buy the system could spy on people anywhere in the world,” said Eric King, deputy director of Privacy International, a London-based activist group that warns about the abuse of surveillance technology.
“Users of such technology type a phone number into a computer portal, which then collects information from the location databases maintained by cellular carriers, company documents show. In this way, the surveillance system learns which cell tower a target is currently using, revealing his or her location to within a few blocks in an urban area or a few miles in a rural one”, reported Washington Post.