The U.S. Department of Homeland Security (DHS) has named Russia, China, Iran, and Israel as countries actively exploiting vulnerabilities in the SS7 telecommunications protocol to spy on U.S. citizens, according to Firstpost.
These countries have reportedly tracked movements, intercepted calls and messages, and used the protocol to deliver malware to mobile devices.
SS7 is an outdated protocol originally used to route messages for roaming subscribers. Because of its weaknesses, malicious actors can determine users' locations and intercept data using only a phone number. Exploiting the protocol has long been part of espionage operations worldwide, involving not only adversarial states but even U.S. allies.
According to DHS data, countries exploiting SS7 include not only traditional adversaries like China and Iran but also Israel—a key U.S. ally. The report notes that Israel has actively used surveillance technologies developed by local companies. For instance, the company Circles, previously known for exploiting SS7, is now part of the NSO Group, which is linked to the spyware Pegasus.
U.S. authorities are concerned about the growing threats related to SS7 vulnerabilities. These attacks are difficult to prevent, as they exploit inherent flaws in the protocol's design. Reports indicate that in 2022-2023, SS7-based surveillance was used against U.S. personnel and strategically important sites, including bases in Guam and Diego Garcia.
Abuse of SS7 is not limited to these countries. Investigations have shown that such technologies have been used in Saudi Arabia, Guatemala, and other countries to spy on opposition figures and civil activists.