Congressman: Possibly half of Congress had voice, text data intercepted

August 26, 2016
In The News

Hundreds of members of Congress may have had all of their cellular voice and text data intercepted by foreign governments before a leak of their information came to light this month, Rep. Ted Lieu said Wednesday.

The California Democrat made the point in a letter asking Federal Communications Commission Chairman Tom Wheeler to pick up the pace of an investigation into possible surveillance that Wheeler said the agency began in April. The surveillance is made possible by a flaw in a global telecommunications network known as Signaling System 7, which allows intelligence agencies to hack into any telephone number they're able to plug into a computer. "Our foreign adversaries can now acquire cell phone voice and text data of over 180 Congress members with impunity," Lieu wrote. "This problem is particularly acute given reports that Russia is trying to influence elections in America."

"The SS7 problem is no longer a theoretical threat," Lieu added. "We now have a mass release of cell phone numbers of members of Congress likely caused by a Russian government that has full access to utilize the SS7 flaw. Because we don't know how long the hackers had access to this information, it is very possible nearly half of Congress has already had voice and text data intercepted."

"Other enemy adversaries, such as North Korea and Iran, could also take this information and acquire the cell phone voice and text data of multiple members of Congress," Lieu pointed out. "The ramifications of the SS7 flaw can be severe, both for our national security and the integrity of American elections."

Personal information for nearly 200 House Democrats, including cell phone numbers, was leaked online this month by "Guccifer 2.0," who describes himself as a Romanian hacker. Some analysts have raised doubt about that proposition, suggesting Guccifer could actually be Russian.

The SS7 flaw was exposed in an April "60 Minutes" documentary featuring Lieu. The problem cannot be reversed, though it can be limited by using encrypted features on cellular devices. Experts have said it will take at least a decade before devices can fully migrate to more modern infrastructure without the flaw.