Citing DCCC hack, Rep. Lieu wants speed in cell phone hacking investigation

August 24, 2016
In The News

Rep. Ted Lieu  (D-Cal.) is pushing the Federal Communications Commission to speed up an investigation into a phone security flaw in light of a stolen database of Democratic congressional contact information being  posted online.

On Tuesday, Lieu sent a letter to FCC Chairman Tom Wheeler asking the FCC to “expedite” its look into flaws in the Signaling System Number 7 (SS7) protocol.

The SS7 protocol, which connects different telephone networks has substantial security holes .  Attackers can exploit vulnerabilities in SS7 to monitor or track many aspects of mobile phones worldwide knowing nothing more than a phone number.

The FCC had opened an investigation into the vulnerability in mid April.  Four months later, the list of contact information for around 200 members of Congress was leaked the hacker or hackers behind the Democratic Congressional Campaign Committee and National Committee hacks. 

“The SS7 Problem is no longer a theoretical threat,” wrote Lieu in his letter to Wheeler.

The SS7 protocol dates back to the 1970s, but vulnerabilities in the protocol did not become widely known until German researcher Karsten Nohl demonstrated an SS7 hack on 60 minutes in 2014. The willing victim in Nohl’s demonstration was Ted Lieu. 

“Because we don’t know how long the hackers had access to this information, it is very possible nearly half of Congress has already voice and text data intercepted,” wrote Lieu in his Tuesday letter.