Mar 17, 2017

Spike in unusual activity on DC cell network starts hack chatter

Public Domain Pictures

Reports are rippling across the web — starting with the Washington Free Beacon's Adam Kredo — of suspicious wireless network activity that could point to a significant hack. A Congressional office says it received a report that there was odd activity on T-Mobile's network in the Washington D.C. area.

The details:

  • A program called ESD Overwatch run by a contractor for the Department of Homeland Security detected the unusual activity, according to the Free Beacon and others. The pilot reportedly monitors cellular infrastructure for security threats.
  • Last week Rep. Ted Lieu's office was notified of a potential hack of T-Mobile's network in D.C. by a "cybersecurity expert," according to a spokesman. Lieu's office was told that this may have been related to vulnerabilities in a global mobile network known as SS7, short for Signaling System 7. SS7 is crucial for to connecting calls, and gaps in security could allow hackers to secretly re-route and eavesdrop on calls. Vulnerabilities in the system were the subject of a 60 Minutes report last year that featured Lieu and caught policymakers' attention.
  • On Wednesday Lieu and Oregon Sen. Ron Wyden, another privacy hawk, wrote to DHS about those vulnerabilities. "Our office has been in contact with DHS regarding reports of anomalous cellular network activity, which may involve the SS7 system," said a spokesman for Wyden in an email.

Why it matters: The vulnerabilities of the SS7 network got a lot of attention from lawmakers after the 60 Minutes segment re-routed Rep. Lieu's calls and listened in to his conversations (with his consent) to illustrate the hacking capabilities. At the time, the FCC said it would look into the issue. The agency did not immediately respond to a request for comment. Renewed concerns could put more heat on lawmakers and agencies to more concretely address the vulnerabilities.

Go deeper