Iran Abused Mobile Networks' Vulnerabilities To Locate US Military In Middle East (techcrunch.com) 78
An anonymous reader quotes a report from TechCrunch: The Iranian government abused well-known vulnerabilities in the global telecoms infrastructure to locate U.S. military personnel in the build-up to the Iran War, as well as in the early days of the conflict, according to Financial Times. The Iranian government exploited Signaling System 7, or SS7, a set of protocols for 2G and 3G networks that has long been the backbone of how cellular networks connect to each other to route subscribers' calls and texts around the world, the newspaper reported, citing research by the Mobile Surveillance Monitor, as well as anonymous government officials with knowledge of the spy campaign.
Intelligence agencies have long abused SS7 to track cellphones abroad, which is what happened in this campaign. Using this technique, Iran was reportedly able to locate U.S. military forces stationed in military bases as well as hotels in Iraq, Bahrain, and other countries in the Middle East, which allowed the regime to strike them. These attacks resulted in several injuries. Apart from SS7, Iran also abused advertising technology used to serve tailored ads to cellphone users, another well-known surveillance technique that relies on everyday technology.
Intelligence agencies have long abused SS7 to track cellphones abroad, which is what happened in this campaign. Using this technique, Iran was reportedly able to locate U.S. military forces stationed in military bases as well as hotels in Iraq, Bahrain, and other countries in the Middle East, which allowed the regime to strike them. These attacks resulted in several injuries. Apart from SS7, Iran also abused advertising technology used to serve tailored ads to cellphone users, another well-known surveillance technique that relies on everyday technology.
Code is law. (Score:2)
If the code allows it, it's not abuse.
Re:Code is law. (Score:5, Insightful)
If the code allows it, it's not abuse.
That's actually pretty much a fair comment. A number of the mobile systems were originally designed to be more secure than they were finally delivered. GSM in particular. These systems then had security removed from them and monitoring added in during standardization according to American (and later European and other) requests. Probably what Iran has done to kill American soldiers are things that could have been eliminated from the mobile communication standards if the security agencies had been putting a priority on protecting us over spying.
This is a key reminder for us that when NSA and GCHQ demand that the security of systems is weakened they are doing the opposite of their jobs. They are endangering both American and British military people alongside also endangering civilians and allied military people worldwide. They are taking time from experts who should be spending it looking for vulnerabilities and building more secure systems. They are using that time to introduce weaknesses, for example getting rid of end to end encryption and adding in global identifiers, which also make the job of securing the system much more complex.
This isn't just an American problem. Europe's new Chat Control 2.0 is the same idea. There are pre-image attacks [csa-scient...letter.org] where you can make child porn which matches the image-hash of the material you want to track [reddit.com]. Russia and Iran will be able to use those pre-image attacks to track people who have their secret materials.
Calling this "abuse" is misleading. It's just Iran using weaknesses that our security services left in the systems, wanting to be able to use themselves and which Iran then discovered.
Re: (Score:2)
Should probably add the Fight Chat Control [fightchatcontrol.eu] link. The chat control supporters in the EC just got a big vote through by running it when people weren't watching. This is a good time to check on your MEP and call them to complain if they voted for it.
Re: (Score:3, Insightful)
That's actually pretty much a fair comment. A number of the mobile systems were originally designed to be more secure than they were finally delivered.
Not really. Just because a feature exist doesn't mean that it's use is immune from being described as "abuse". If you use a feature for a completely unintended purpose then it's still abuse, it's just not hacking or some other covert nefarious activity. But it is abusing a feature.
It's worth noting though this has ZERO to do with security. SS7 was designed back in the 70s and it's a core routing technology. The idea of being able to trace packets or data to a target device was simply not a consideration in
Re: Code is law. (Score:1)
Re: (Score:2, Interesting)
Gulf War 3.0 Trump
Gulf War 2.0 Bush II
Gulf War 1.0 Bush I
I'm sensing a pattern.
Re: Trump (Score:2)
Re: (Score:2)
America used common sense to find Iran on a map. Let the pummeling continue.
In America, common sense seems to be a non-renewable resource in short supply. Perhaps they shouldn't be using such a precious commodity in aid of waging costly, world-economy-damaging, reputation-destroying wars.
Wahhh! (Score:5, Insightful)
Re:Wahhh! (Score:5, Insightful)
DJT, stuck in a war of his own making (Score:5, Insightful)
Both Putin and Trump have started wars that they cannot win, and from which they cannot withdraw without an enormous loss of face.
The only difference is that Putin's war only effects Russia's economy, while Trump's war effects the whole world.
Re:DJT, stuck in a war of his own making (Score:5, Insightful)
And even when the fat man has fallen off his perch things will not "go back to how they used to be" , the world has already decided it will never been under control of the USA again.
Re: (Score:2)
Putin's war only effects Russia's economy
wat
Re: (Score:2)
You had me at "State of Hormuz." I guess that's the 52nd State? And then later after Puerto Rico becomes the 51st State, they can recycle deep state to mean Hormuz. Which is course encompasses Canada, because... pizza.
There's too much stupid to go around on this one. So much stupid to go around that the media wanted their turn with this story!
If you can't find a negotiated military base on a map... you're probably too stupid to "abuse" radio transmissions until the radio trannies show you their documents an
Re: (Score:1)
The delicious irony is of course, those people wouldn't be asserting control of Hormuz if DJT hadn't thrown his weight around in the first place. It could still be an open waterway with hundreds of container ships traversing it daily. Iran would have been no closer to an nuclear weapon than they are today, and America could have been *billions* better off at this point.
Oh well.. elections have consequences and all that. It's just a shame so many of us that have been affected weren't allowed to vote.
Re: (Score:2)
> America could have been *billions* better off at this point.
Weapons manufacturers and Big OIl are billions better off now. All patriotic Americans should consider that a win, right?
Re: (Score:3, Informative)
The orange shitgibbon literally said that.
Re: (Score:2)
Hey, you won the war 37 times already. What happened?
Re: (Score:2)
Nobody is crying or asking them to stop, they haven't actually succeeded at counter-attacking anything.
I know it takes two brain cells to rub them together, but come on... you can simulate a cockroach with two transistors, try to at least simulate having two real brain cells.
Israel probably (Score:5, Interesting)
Israel has been known to abuse the ss7 network in the United States and spying on our own government personnel. I doubt Iran did this. I'm far likely to believe it was an Israeli attempt to get the United States to strike Iran.
Re: (Score:2)
Correct. SS7 is ancient, and was never created with security in mind. Bell created it in the 1970s, and very idea that security was needed would not even have been in the engineers' world view.
This is a protocol only meant for phone companies, and Bell was still a monolith back then. Similar to the early internet in the 1970s where only the military and a few computer scientists even had access.
We told you so (20 years ago) (Score:3)
Re: (Score:2)
I guess this is from the Quick Thinker Department. Usually the time between problem observation and soluition is another 20 years.
Funny. You're 30 years too late. SS7 dates to the early days of network routing where security simply wasn't remotely a consideration. Much like you could trace packets to the target of a TCP/IP connection, and see which device responds to IP pings, this is a network feature.
If you told anyone 20 years ago, it'll have been 25 years after the protocol was developed. And the issue with this now is what do you do about it? Do we break fundamental backwards compatibility with SMS (probably the most reliable mob
Iran has good hackers (Score:2)
Re: (Score:1)
That's really going to make them want to help you.
And it worked.
All of them want to help America.
None of them want to help Iran.
Re: Iran has good hackers (Score:3)
We are all witnessing, with Iran, what happens when a country does not "want to help" the US. This is the mob making an example so that everyone else in the neighbourhood knows whose side they should be on. Remind me, why do the US need to have a military presence in that region of the world again?
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
You are being unfair. The vulnerabilities in SS7 had been there for years. There was lots of work in GSM to try to improve them and, for example, the MAP protocol which was layered on top of SS7 uses temporary identifiers to make it difficult to track people. The experts didn't do nothing. They actively impeded some of that work and they took away time that could be used for validating and identifying vulnerabilities in other parts of that work.
The basic vulnerabilities in SS7 can be reduced by using SIGTRA
Re: (Score:3, Interesting)
Iranians are well known to have a very competent cyber organization hacker organization (among the best).
Iranian hackers are mid-tier at best. It isn't hard to hack into SS7 - it's a shitty protocol with a lot of vulnerabilities. It's why 4G and 5G don't use SS7. The US doesn't even use 2G and 3G anymore, but of course, the stupid phone manufacturers leave them in for unnecessary backwards compatibility.
I'm not willing to call Iranians competent until they do something that actually requires some skill and intelligence.
Re: (Score:3)
> unnecessary backwards compatibility.
Unnecessary?
https://www.skoda-auto.com/con... [skoda-auto.com]
Do not underestimate the amount of devices still relying on 2G/3G, not every industry has a turnaround of 5 years.
Re: (Score:1)
Too fucking bad. I don't give a shit about legacy devices relying on 2G/3G. Not to mention this has nothing to do with backward compatibility of newer devices. For example, the cars you linked need the 2G/3G networks to do specific functions. Newer devices do not *need* to communicate on these older networks. At all. For any reason. And more specifically, nothing the US military uses should be using 2G/3G networks - they are inherently terrible networks and cannot be secured at all.
Skoda should issue a reca
Re: (Score:2)
Too fucking bad. I don't give a shit about legacy devices relying on 2G/3G.
If you are a cellular operator, you should. A few decades ago, our local utility started a switch over from their own proprietary mesh meter reading network to a 2G/3G GPRS system. They got a ways into switching a few hundred thousand meters over when they got the AT&T memo: We're switching to 4G/5G. They went back and reinstalled their mesh network. Fool me once, shame on you. Fool me again, shame on me.
AT&Ts law enforcement network was even worse. They conned our region's police forces to switch
Re: (Score:2)
A few decades ago, our local utility started a switch over from their own proprietary mesh meter reading network to a 2G/3G GPRS system.
Your local utility was apparently run by morons.
AT&T
also sucks dick in general. Your police dept or whoever all approved that switch; also morons.
Backdoors can and will be used against you... (Score:5, Insightful)
Backdoors can and will be used against you... regardless of your original intentions when mandating them.
Re: (Score:2)
None of this is a backdoor. It's abuse of a network protocol capability designed in the 70s when security just wasn't a word associated with anything electronic.
Re: (Score:1)
So... They haven't had 50+ years to fix this? Cap'n Crunch would be happy that inband signalling is still alive and kicking.
I'm surprised (Score:2)
Not surprised that someone exploited a vulnerability, but surprised that deployed military personnel are allowed to use civilian communication systems.
Re: (Score:1)
Just try to pry that electronic fidget toy out of zoomers hands and watch the ensuing crying and blubbering.
That is called "being competent".... (Score:5, Insightful)
An enemy in a war does not "abuse" your weaknesses. They are "using" them if they are competent. And on the other side? Simple: Having these vulnerabilities is stupid. But the whole war is excessively stupid on the US side. Not the most stupid war ever fought, but probably up in the all-time top-10. And to think the only reason for that war is that a multiple-felon president needs to hide how he raped children.
Re: (Score:1)
sideways looks at US and Israel...
Re: (Score:2)
no nukes for Iran
Naziyahoo says what for decades? Bullshit every time? Get fucked, Zionazi.
Re: (Score:2)
Naziyahoo says what for decades? Bullshit every time? Get fucked, Zionazi.
A couple months into the war people involved with the Iranian side of the JCPOA came out and stated publicly of course their goal was always nukes and gave an example of restrictions on processing of powders. They described how Iran circumvented it by selecting a similar element the same process would work on.
The JCPOA would have credibly limited enrichment to less than 4% thru 2030 and perhaps another deal could have been reached to extend it. Yet in all dimensions... supporting technologies, delivery ve
Re: (Score:2)
The Iranian regime is literally a bunch of Nazis [...] Look at what is going down in Iraq and Lebanon
You mean being attacked by Israel, a country which is actually doing a genocide, with our money, from a nation which was founded on genocide? You're only a genocide apologist.
Re: (Score:2)
Abuse is abuse, even if it is a feature, so long as that feature is being used for purposes other than what it was intended for.
Sigh. (Score:5, Insightful)
I'll say it again:
Active military personnel carrying around standard mobile phones is such a breach of all kinds of basic security protocols that it should be illegal.
But can't let the troops get bored, eh? Have to let them do their fitbit on board your cruiser that you're trying to keep secret, and have them checking into Facebook while they're in Helmand province, and giving away their movements when they're running around your bases at home, and having an always-on device capable of tracking and recording everything from audio to the radiowaves to location, made by the Chinese, wherever they go.
Dumbest fucking idea ever.
Re: (Score:2)
I never served, but it boggles my mind that troops would be allowed to carry such things anywhere they please. If I were a soldier I wouldn't want anyone near me carrying one that wasn't supposedly totally secured and authorized either.
And then of course you've got the problem of troops posting potential war crimes on social media.
Israel troops continue posting abuse footage despite pledge to act [bbc.com]
Israeli soldiers deployed in Gaza post their abuses on social media [lemonde.fr]
Israeli Soldier Shares Evidence of Torture on [democracynow.org]
Re: (Score:2)
I never served either, but I am guessing it's a lot like any large organization comprised of people. They are going to do whatever they want as long as they think they can get away with it.
There was a story not long ago about some Navy staff who installed a bunch of consumer-grade access points and a StarLink satellite disk to bypass official Internet restrictions.
Re: (Score:2)
Do what we say (Score:1)
Re: (Score:1)
in the "how dare you" dept ;-)
used and abused (Score:2)
Funny how if it's someone we like, they used it. But if it's someone we don't like, they abused it.
This is war! (Score:2)
No rules, no excuses.