Citizen Lab: surveillance vendors exploited telecom vulnerabilities for geolocation

Colleagues, a cybersecurity alert: Citizen Lab identified two campaigns in which surveillance vendors abused access to telecom infrastructure to perform geolocation.
- Actors operated as "ghost" operators, requesting location data through operator infrastructure.
- They exploited SS7 vulnerabilities and, where available, Diameter; attacks sometimes reverted to SS7.
- 019Mobile, Tango Networks U.K., and Airtel Jersey are mentioned; end surveillance vendors are not named.
- One campaign used SIM commands (SIMjacker), covertly turning SIM cards into trackers.
Critical: signalling vulnerabilities enable mass-scale surveillance — operators must tighten audits.
What mitigation measures would you recommend?
#cybersecurity #telecom #privacy #surveillance


Latest comments
No comments yet.