Security researchers have demonstrated they are able to monitor a live phone call between two parties, without resorting to an attack of either party's smartphone. A group of hackers in Germany showed that a phone call between a congressman and a reporter could be listened into and recorded by an outside party, highlighting that while device security
is an important part of keeping content private, the calls themselves are still insecure.
The investigation by 60 Minutes
on Sunday involved a new iPhone being provided to Representative Ted Lieu (D-CA), while only the phone number was provided to Security Research Labs of Berlin. The hacking group was able to listen in to both sides of the conversation, by abusing a vulnerability in the way calls are handled, without interfering with either party's mobile devices.
The vulnerability itself is in telephony protocols called Signaling System 7 (SS7
), a piece of the telecommunications infrastructure that is needed for cellular calls to connect and for text messages to pass to other parties around the world. Karsten Nohl, a member of the hacking team, claims he was also able to track the congressman's movements through the same flaw. It was even possible for Nohl to acquire the phone number of someone Lieu's borrowed iPhone called or was called by, potentially giving an attacker another target to use the same vulnerability against.
Nohl advised the SS7 flaw was a considerable risk to the protection of privacy in calls between politicians and business executives, though it is unlikely to be closed easily. The flaw is said to be an "open secret" among intelligence agencies around the world, one that many would prefer to keep open and unprotected.
In response to these findings, Lieu suggests those working for intelligence agencies defending the flaw as bing "extremely valuable" due to the information that can be collected from it should be fired. "You cannot have 300-some million Americans – and really, right, the global citizenry be at risk of having their phone conversations intercepted with a known flaw, simply because some intelligence agencies might get some data. That is not acceptable."
While the flaw exists for calls and texts, there are still ways users can make calls without being monitored in this way. Using apps with built-in encryption for messaging and calls bypasses SS7 entirely, but it does rely on the platform hosting the call being secure enough to keep intruders out, as well as making sure the mobile devices involved in the call are equally protected.