
Memo to Trump: US telecoms is vulnerable to hackers. Please hang up and try again | John Naughton



You know the drill. You’re logging into your bank or another service (Gmail, to name just one) that you use regularly. You enter your username and password and then the service says that it will send you an SMS message with a code in it which you can use to confirm that it is indeed you who’s logged in. It’s called “two factor authentication” (2FA) and it passes for best practice in our networked world, given that passwords and login details can easily be cracked.

Sadly, our world is wicked as well as networked, and that SMS message can be redirected to someone else’s phone – that of the criminal who has logged in using your phished personal details – and who is now busily emptying your current account.

This kind of skulduggery has been possible for years. I’ve just come across an account of it […] in Germany in 2017, but security experts were warning about it long before that. At the root of the problem are chronic security […], an arcane, decades-old, technical protocol for routing phone calls and messages, which is embedded in all telephone systems.

These vulnerabilities can be […] to do a variety of harms: track any mobile phone anywhere in the world; listen to calls; read and redirect SMS messages; intercept internet traffic; and interfere with user connectivity or network availability, to name just a few. But SS7 is also what enables your phone to stay connected on a call while you’re in a train passing through many local cells. So it’s an integral part of the mobile phone system – the glue that holds the whole system together.

You could say that it is too big to fail, which may explain why the big telecoms firms have been reluctant to face up to its manifest downsides. This indolence has now […] by the US regulator, the Federal Communications Commission (FCC), possibly because the Oregon senator Ron Wyden has taken to describing SS7 vulnerabilities as a “national security” issue.

As it happens, the senator is pushing at an open door, for there is panic in Washington about the extent and depth of foreign (AKA ********) penetration of US communications and critical infrastructure, some of which is undoubtedly facilitated by the vulnerabilities of SS7. At an international security summit in Bahrain on 7 December, Anne Neuberger of the White House National Security Council admitted that ******** cyberspies […] US political figures’ calls, though she omitted to name the victims. She also confirmed that eight US telecom providers had been compromised by the ******** hackers.

Although North Korea and Russia are also viewed as cybersecurity adversaries, the Americans appear to be obsessed with the ******** threat. It seems that three hacking groups in particular are keeping folks in Washington awake at night. It is, as one wag commented, “typhoon season” in the city – a reflection of the names assigned to the trio – Salt Typhoon, Volt Typhoon and Flax Typhoon. Flax ran a 260,000-device botnet until it was […]. Salt cyberspies breached US telecommunications companies Verizon, AT&T and Lumen Technologies – and also, in a neat touch, hacked their wiretapping systems (the ones they have to deploy when FBI agents arrive with a warrant).

Volt, in a way, is the most sinister of the trio. It specialises in US critical infrastructure – water systems, electricity grids and the like. It runs botnets based on end-of-life Cisco and Netgear routers (models for which security updates are no longer being issued). It has been active since mid-2021 with the aim, […], of building the capability of disrupting critical communications infrastructure between the US and the Asia region during future crises. (A ******** invasion of Taiwan, perhaps?) The affected organisations “span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology and education sectors”. The inference is that Volt “intends to perform espionage and maintain access without being detected for as long as possible”.

So, as the tech […] to donate millions to Trump’s inauguration fund, two of three ******** hacking groups named after storms will still be quietly wreaking havoc in the US’s digital back yard. The idea of Salt Typhoon hacking the FBI’s own wiretapping systems is particularly delicious. Meanwhile, mobile phones everywhere will remain tethered to an ageing protocol that’s about as secure as a two-person tent in a hurricane. And when Trump goes to Beijing to close the deal with his fellow emperor, Xi Jinping will be able to present his visitor with a leather-bound book of all his private telephone conversations since 2016.

Happy new year!


What I’ve been reading

Blinded by the light

[…] is a fine blast on Tina Brown’s blog about the weird attraction of Trumpian glitz for many Americans.

University challenge

[…] – the title of a thoughtful long essay by David Brooks in the Atlantic on the evils of “meritocracy”.

To sir, with love

[…]. A lovely piece of writing by Richard Farr on what it’s like to have a great teacher.


