Advertisement

DHS: ‘Nefarious actors’ could be exploiting SS7 flaw

The Department of Homeland Security has received reports that “nefarious actors” may be exploiting cellular communication vulnerabilities to spy on Americans, according to Chris Krebs, a senior DHS official.
Wikicommons photo CC2.0

The Department of Homeland Security has received reports that “nefarious actors” may be exploiting cellular communications vulnerabilities to spy on Americans, according to Chris Krebs, a senior DHS official.

Cybersecurity experts have warned that longstanding vulnerabilities in the telephony protocol known as Signaling System No. 7 (SS7) could allow spying on callers and interception of their data.

Krebs revealed the possible exploitation of SS7 in a May 22 letter to Sen. Ron Wyden, D-Ore., that also said DHS had “received reports from third parties about the unauthorized use” of mobile surveillance devices.

The devices in question, known as Stingrays or IMSI catchers, imitate a cell tower to capture caller location and other associated data. They have been used by U.S. law enforcement for years, but their use for foreign espionage and hacking in the U.S. has been a source of speculation.

Advertisement

From January to November 2017, DHS deployed sensors in Washington, D.C., area in search of the rogue IMSI catchers, Krebs said in his latest missive to Wyden.

The pilot project revealed activity “that appeared consistent” with IMSI catchers in the D.C. area, including close to “potentially sensitive facilities like the White House,” Krebs wrote. The department hasn’t validated or attributed that activity to specific entities or devices, he added.

“As we discussed, NPPD lacks the appropriate enforcement and counterintelligence authorities to address your specific concerns with IMSI catcher technologies,” Krebs wrote.

Krebs had previously acknowledged the presence of what appear to be unauthorized IMSI catchers in the D.C. area in a March letter to Wyden. But the Oregon senator put a hold on Krebs’s nomination to be undersecretary of the National Protection and Programs Directorate (NPPD) until DHS provided more information on its knowledge of the use of IMSI catchers in the United States.

Wyden has since lifted his hold on Krebs’s nomination, a key cybersecurity position for DHS that he is already filling in an acting capacity. However, another senator has blocked the nomination, a Senate aide told CyberScoop. The aide did not specify why.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts