An Australian senator was shocked to hear a recording of his own phone conversation after it was obtained by hackers during a 60 Minutes exposé on cell phone vulnerabilities.
Watch the senator’s reaction at 16:34
Independent South Australian Senator Nick Xenophon, who was skeptical of the claims surrounding poor cell phone security, agreed to become the target of a team of German hackers.
“I don’t believe they can pull it off, but if you reckon they can pull it off, I give my consent,” the senator said.
After making multiple phone calls to 60 Minutes reporter Ross Coulthart while in several different countries, Xenophon traveled to Germany to meet with the hacking team and discovered that his GPS coordinates, texts and even phone calls had been hacked in real-time.
“This is actually quite shocking…” Xenophon said after seeing the data. “It means anyone with a mobile phone can be hacked, can be bugged, can be harassed… This is Orwellian.”
The reporter proceeded to show Xenophon where he was during each phone call on a digital map, accurately pinpointing locations in Japan and Australia.
“If you’re involved in sensitive commercial negotiations where the other company can do you over by virtue of hacking this with sensitive information, if you have an ex-partner that’s being vindictive that can try and embarrass you and humiliate you, no one is safe,” the senator added.
Such hacking techniques can be carried out locally with an IMSI-catcher, a portable device that tricks cell phones into giving up digital information by mimicking a cell tower, or globally by exploiting the Signaling System Number 7 (SS7) protocol.
As explained by ESD America, a cellular security company that has long warned of such vulnerabilities, “SS7 creates an international roaming infrastructure, that by its nature, transmits confidential customer data between networks and countries to support the seamless roaming services subscribers expect.”
Telecommunications companies and governments alike have thus far ignored the massive security flaw, likely due to its frequent exploitation by national security agencies.