Security flaws in American phone networks, some having been present since the late 1970s, are being investigated by the FCC after evidence points to their potential use for spying on the American people by foreign governments. These security flaws have been known about since at least 2008, but thus far little has been done by Federal agencies to reduce these vulnerabilities.
Signaling System Number 7 (SS7) and Diameter are telecommunication protocol standards used by telephone networks to exchange information and control signals. SS7 was developed in the mid-1970s and Diameter in the late-1990s. Both protocols are essential in the everyday functioning of telecommunications services.
The FCC began investigating the security of SS7 and Diameter in March 2024, in part due to urging from Senator Ron Wyden (D-OR) who believes that wireless carriers’ current security practices leave the United States vulnerable to undetected surveillance by authoritarian governments. Senator Wyden had previously expressed concern over vulnerabilities in the FirstNet phone system used by the United States military.
FCC officials have asked telecommunications companies for insight on the SS7 and Diameter protocols and their recommendations for how to deal with system vulnerabilities. The FCC should be ready to respond to comments by the end of May 2024.
