Exploit SS7 to Redirect Phone Calls/SMS
An adversary could exploit signaling system vulnerabilities to redirect calls or text messages (SMS) to a phone number under the attacker's control. The adversary could then act as a man-in-the-middle to intercept or manipulate the communication. Interception of SMS messages could enable adversaries to obtain authentication codes used for multi-factor authentication.
|Mitigation|Description|
|---|---|
|Encrypt Network Traffic|Use of end-to-end encryption of voice calls and text messages "provides another layer in the defense against potential information compromise by SS7 enabled eavesdropping."|
Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation as described by the Communications Security, Reliability, and Interoperability Council (CSRIC). The CSRIC also suggests threat information sharing between telecommunications industry members.
- Tobias Engel. (2014, December). SS7: Locate. Track. Manipulate. Retrieved December 19, 2016.
- Tobias Engel. (2008, December). Locating Mobile Phones using SS7. Retrieved December 19, 2016.
- 3GPP. (2000, January). A Guide to 3rd Generation Security. Retrieved December 19, 2016.
- Positive Technologies. (n.d.). SS7 Attack Discovery. Retrieved December 19, 2016.
- Communications Security, Reliability, Interoperability Council (CSRIC). (2017, March). Working Group 10 Legacy Systems Risk Reductions Final Report. Retrieved May 24, 2017.
- Iain Thomson. (2017, May 3). After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts. Retrieved November 8, 2018.
- Kate Conger. (2016, June 14). Apple will require HTTPS connections for iOS apps by the end of 2016. Retrieved December 19, 2016.
- Google. (n.d.). Network Security Configuration. Retrieved December 19, 2016.