Tech

Saudi Arabia reportedly tracked phones by using industry-wide carrier weakness

EnlargeGary Lerude / Flickr

The Guardian says it has evidence that Saudi Arabia is exploiting a decades-old weakness in the global telecoms network to track the kingdoms citizens as they travel in the United States.

The publication cited data provided by a whistleblower that suggests Saudi Arabia is engaged in systematic spying by abusing Signalling System No. 7. Better known as SS7, its a routing protocol that allows cell phone users to connect seamlessly from carrier to carrier as they travel throughout the world. With little built-in security for carriers to verify one another, SS7 has always posed a potential hole that people with access could exploit to track the real-time location of individual users. SS7 abuse also makes it possible for spies to snoop on calls and text messages. More recently, the threat has grown, in part because the number of companies with access to SS7 has grown from a handful to thousands.

The data provided to The Guardian “suggests that millions of secret tracking requests emanated from Saudi Arabia over a four-month period beginning in November 2019,” an article published on Sunday reported. The requests, which appeared to originate from the kingdoms three largest mobile phone carriers, sought the US location of Saudi-registered phones.

The unnamed whistleblower said they knew of no legitimate reason for requests of that volume. “There is no explanation, no other technical reason to do this,” The Guardian quoted the source as saying. “Saudi Arabia is weaponizing mobile technologies.”

The whistleblowers data appears to show Saudi Arabia sending an unnamed major US mobile operator requests for PSI—short for Provide Subscriber Information. Sundays report said there were an average of 2.3 million such requests per month for the four months starting in November. The data, The Guardian said, suggests that Saudi Arabian phones were tracked as many as 13 times per hour as their owners carried them about the United States. The Saudi operators also sent separate PSLs. US carriers blocked the requests, indicating that the requests were suspicious.

System-breaking potential

Les Goldsmith, a researcher with Las Vegas security firm ESD, told me the volume reported by The Guardian had the potential to break systems used by the mobile operator being queried.

“Performing so many send subscriber data requests on a carrier could, in fact, result in the carriers Visiting Location Register (VLR) or even Home Location Register (HLR) to potentially Read More – Source

[contf]
[contfnew]

arstechnica

[contfnewc]
[contfnewc]