Browse Definitions :
Definition

SS7 attack

What is an SS7 attack?

An SS7 attack is a security exploit that takes advantage of a weakness in the design of SS7 (Signaling System 7) to enable data theft, eavesdropping, text interception and location tracking

Unlike other cyberattack methods, SS7 attacks can use a variety of vulnerabilities to perform malicious activities, most of which can be executed remotely from anywhere in the world. These techniques can grant attackers the ability to record and eavesdrop on conversations and gain access to text messages without being detected. SS7 attack variations can also enable location tracking, fraud and denial of service.

How does an SS7 attack work?

The SS7 protocol facilitates interoperability between networks in 2G and 3G wireless communications. It supports the exchange of information needed to make and receive mobile phone calls and text messages, tracks billing information and enables smartphone users to roam while traveling. SS7 networks were initially designed as a closed, trusted system between telecommunications providers. Providers also cooperated with government agencies to enable state surveillance, providing a great deal of user data to anyone granted SS7 access. When mobile devices and applications proliferated, another set of communications protocols was layered on top, creating an array of entry points and vulnerabilities through which hackers could access and manipulate private data.

In 2014, security researchers in Germany publicized the weaknesses in SS7 by demonstrating that attackers could use man-in-the-middle attacks to track cell phone users' movements and communications and eavesdrop on conversations. In 2017, awareness increased when hackers transferred money from victims' bank accounts to their own by gaining SS7 access and rerouting the two-factor authentication codes intended to verify the account holders.

Typical Signaling System 7 (SS7) architecture
The SS7 architecture for landline and mobile phone service can be exploited in an SS7 attack.

The implications of SS7 vulnerabilities

SS7 attacks can provide hackers with large amounts of quality information because of the surveillance elements built into the network. This capability makes it easy for network operators, governments, cybercriminals and hobbyists to track and compromise smartphones, but businesses can mitigate possible exposure by using best practices such as virtual private networks, encryption and security awareness training.

Despite awareness around the problems with SS7, telecommunications providers were slow to implement protection measures, and some never did. The advent of 4G and 5G telecommunications networks has lessened the threat by introducing new security protocols, but these networks must interoperate with legacy technology. GSMA, the telecommunications association, estimated in its 2021 mobile report that 30% of mobile phone connections currently use 2G and 3G network access. 5G adoption is growing, but SS7 attacks will continue to be an issue as long as 2G and 3G networks are in operation.

This was last updated in August 2021

Continue Reading About SS7 attack

SearchNetworking
SearchSecurity
  • man in the browser (MitB)

    Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is ...

  • Patch Tuesday

    Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system ...

  • parameter tampering

    Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's ...

SearchCIO
  • chief procurement officer (CPO)

    The chief procurement officer, or CPO, leads an organization's procurement department and oversees the acquisitions of goods and ...

  • Lean Six Sigma

    Lean Six Sigma is a data-driven approach to improving efficiency, customer satisfaction and profits.

  • change management

    Change management is a systematic approach to dealing with the transition or transformation of an organization's goals, processes...

SearchHRSoftware
SearchCustomerExperience
  • clickstream data (clickstream analytics)

    Clickstream data and clickstream analytics are the processes involved in collecting, analyzing and reporting aggregate data about...

  • neuromarketing

    Neuromarketing is the study of how people's brains respond to advertising and other brand-related messages by scientifically ...

  • contextual marketing

    Contextual marketing is an online marketing strategy model in which people are served with targeted advertising based on their ...

Close