Browse Definitions :
Definition

SS7 attack

What is an SS7 attack?

An SS7 attack is a security exploit that takes advantage of a weakness in the design of SS7 (Signaling System 7) to enable data theft, eavesdropping, text interception and location tracking

Unlike other cyberattack methods, SS7 attacks can use a variety of vulnerabilities to perform malicious activities, most of which can be executed remotely from anywhere in the world. These techniques can grant attackers the ability to record and eavesdrop on conversations and gain access to text messages without being detected. SS7 attack variations can also enable location tracking, fraud and denial of service.

How does an SS7 attack work?

The SS7 protocol facilitates interoperability between networks in 2G and 3G wireless communications. It supports the exchange of information needed to make and receive mobile phone calls and text messages, tracks billing information and enables smartphone users to roam while traveling. SS7 networks were initially designed as a closed, trusted system between telecommunications providers. Providers also cooperated with government agencies to enable state surveillance, providing a great deal of user data to anyone granted SS7 access. When mobile devices and applications proliferated, another set of communications protocols was layered on top, creating an array of entry points and vulnerabilities through which hackers could access and manipulate private data.

In 2014, security researchers in Germany publicized the weaknesses in SS7 by demonstrating that attackers could use man-in-the-middle attacks to track cell phone users' movements and communications and eavesdrop on conversations. In 2017, awareness increased when hackers transferred money from victims' bank accounts to their own by gaining SS7 access and rerouting the two-factor authentication codes intended to verify the account holders.

Typical Signaling System 7 (SS7) architecture
The SS7 architecture for landline and mobile phone service can be exploited in an SS7 attack.

The implications of SS7 vulnerabilities

SS7 attacks can provide hackers with large amounts of quality information because of the surveillance elements built into the network. This capability makes it easy for network operators, governments, cybercriminals and hobbyists to track and compromise smartphones, but businesses can mitigate possible exposure by using best practices such as virtual private networks, encryption and security awareness training.

Despite awareness around the problems with SS7, telecommunications providers were slow to implement protection measures, and some never did. The advent of 4G and 5G telecommunications networks has lessened the threat by introducing new security protocols, but these networks must interoperate with legacy technology. GSMA, the telecommunications association, estimated in its 2021 mobile report that 30% of mobile phone connections currently use 2G and 3G network access. 5G adoption is growing, but SS7 attacks will continue to be an issue as long as 2G and 3G networks are in operation.

This was last updated in August 2021

Continue Reading About SS7 attack

Networking
  • firewall as a service (FWaaS)

    Firewall as a service (FWaaS), also known as a cloud firewall, is a service that provides cloud-based network traffic analysis ...

  • private 5G

    Private 5G is a wireless network technology that delivers 5G cellular connectivity for private network use cases.

  • NFVi (network functions virtualization infrastructure)

    NFVi (network functions virtualization infrastructure) encompasses all of the networking hardware and software needed to support ...

Security
  • virus (computer virus)

    A computer virus is a type of malware that attaches itself to a program or file. A virus can replicate and spread across an ...

  • Certified Information Security Manager (CISM)

    Certified Information Security Manager (CISM) is an advanced certification that indicates that an individual possesses the ...

  • cryptography

    Cryptography is a method of protecting information and communications using codes, so that only those for whom the information is...

CIO
  • IT project management

    IT project management is the process of planning, organizing and delineating responsibility for the completion of an ...

  • chief financial officer (CFO)

    A chief financial officer (CFO) is the corporate title for the person responsible for managing a company's financial operations ...

  • chief strategy officer (CSO)

    A chief strategy officer (CSO) is a C-level executive charged with helping formulate, facilitate and communicate an ...

HRSoftware
Customer Experience
  • martech (marketing technology)

    Martech (marketing technology) refers to the integration of software tools, platforms, and applications designed to streamline ...

  • transactional marketing

    Transactional marketing is a business strategy that focuses on single, point-of-sale transactions.

  • customer profiling

    Customer profiling is the detailed and systematic process of constructing a clear portrait of a company's ideal customer by ...

Close