A new article shows preoccupying combination of SS7 and GRX interception, OTT app HTTP calls eavedropping and datawarehousing to extract subscriber privacy details from Telecom and Mobile operators.
“Several of us around the table had been subject to surveillance,” he told reporters.”The least we can expect is the countries and security services involve change their practices.”
“According to De Standaard, […] the spying was carried out by the U.S. National Security Agency and involved tracking international telephone calls for two years. It was focused on BICS, the Belgacom unit which provides wholesale telecom infrastructure services–in particular in Africa and the Middle East.”
Le Monde article on NSA spying on France telecom networks based on Snowden leaks.
“According to the documents retrieved from the NSA database […] telephone communications of French citizens are intercepted on a massive scale.”
“The techniques used for these interceptions appear under the codenames ‘DRTBOX’ and ‘WHITEBOX’. Their characteristics are not known either. But we do know that, thanks to DRTBOX, 62.5 million data were collected in France and that WHITEBOX enables the recording of 7.8 million elements. ”
Huawei is trying to clear its name from the allegations of spying. But is Huawei really worse and compromised than Ericsson.
Ericsson backdoored products were used by intelligence agencies to spy on Greek government officials and hundred of VIP mobile phones, yet Ericsson did not suffer from the same level of ban and bad press that Huawei did get.
Is it a cultural bias against Huawei? A political and economical against chinese manufacturer? Or the level of compromission of Huawei is much higher, prompting this reaction.
Huawei is nevertheless trying to clear its name from these allegations with the following report “￼Cyber Security Perspectives” by John Suffolk, Huawei SVP & Global Cyber Security Officer.
The attack is a combination of both insecure communication method of SIM cards update with OTA STK procedure; and vulnerability in Java version running on the SIM card.
Industry reality is:
- Number of affected card is not very high, limited to old cards. Often it’s 3DES being used.
- The Binary SMS required to deliver the attack are often filtered at operator’s boundary, thus stopping the attack.
Operation Tempora: GCHQ taps fibre-optic cables for secret access to world’s communications | UK news | The Guardian
Operation Tempora: GCHQ taps fibre-optic cables for secret access to world’s communications.
“The sheer scale of the agency’s ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. ”
“GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.”
Kindsight Protecting Mobile Subscribers solution has been acquired beginning of April by Alcatel Lucent to improve its capability with detection and remediation of mobile subscriber security problems.
O2 has said it its ripping out its Ericsson CUD systems after two failures caused loss of services to customers resulting in reputational and financial damage to the operator.
“(O2) CTO Derek McManus, writing on a company blog, said, “We are removing the Central User Database provided by one of our suppliers, which has suffered two different faults in the last few months. We are not prepared to risk this happening to our customers for a third time and are implementing a proven alternative solution.” That central user database refers to the Ericsson-supplied database that was blamed by O2 for its July outage. ”
Felix “FX” Lindner from Recurity / Phenoelit has found many vulnerabilities into the Huawei low-end to middle-end routers.
Allegation that Huawei and ZTE have backdoors to enable chinese covert access to telecom infrastructure.