March 28, 2017

Wyden, Lieu Call On FCC to Address Major Security Weaknesses in Cell Phone Networks

Wireless Carriers Have Failed to Fix Major Vulnerabilities Allowing Remote Phone Tracking and Hacking

Washington, D.C. – Sen. Ron Wyden, D-Ore., and Rep. Ted Lieu, D-Calif., today called on the Federal Communications Commission to take concrete steps to plug serious vulnerabilities in U.S. mobile phone networks, in a letter to FCC Chairman Pai. Last week a report created by experts for the FCC found that criminals, hackers and foreign countries could exploit a number of vulnerabilities in wireless phone infrastructure to track, surveil and hack Americans’ phones.

“The continued existence of these vulnerabilities – and the industry’s lax approach to cybersecurity – does not just impact the liberty of Americans, it also poses a serious threat to our national and economic security. As such, the FCC must take swift action to address fundamental security threats to our mobile phones, which are no less dangerous than those cybersecurity threats that receive far more attention from other government agencies.”

The most well-known vulnerability is known as ‘SS7’, referring to a common phone interconnection system. Although these flaws have been known for years, telecommunication companies have done little to address them.

“It is clear that industry self-regulation isn’t working when it comes to telecommunications cybersecurity,” Wyden and Lieu continued.

Wyden and Lieu urged the FCC to take three steps to address the SS7 vulnerability:

1. Force cellular carriers to take action on these issues;

2. Warn Americans about the hacking and surveillance threats to their phones; and

3. Promote the use of end-to-end encryption apps, which may mitigate some SS7 risks, as the FCC working group recommended.

Read the full letter here.

Earlier this month, Wyden and Lieu also asked the Department of Homeland Security to explain how it is addressing these telecommunications vulnerabilities.

Additional Background:

Sen. Wyden is a senior member of the Senate Intelligence Committee and congressional leader on smart technology and security policy.

Congressman Lieu has been a leading congressional advocate for stronger cyber security and privacy measures to protect consumers, especially when it comes to mobile devices. On April 16, 2016, Congressman Lieu was featured on 60 Minutes in a story exposing a major flaw in the SS7 protocol that allows sophisticated hackers to intercept cell phone conversations, data and text messages. In response to the report, the FCC opened up an investigation into the SS7 flaw on April 20, 2016, and requested that mobile carriers provide information with respect to the timing and methods used to issue security updates to their devices. In August 2016, he sent a letter to the FCC asking them to expedite their investigation into the SS7 flaw.


Related Files