When you’re as ginormous a target as the global telecommunications industry, and you’re sitting on a flaw as big as the one affecting its SS7 protocol, best not rely on “security through obscurity”. You and your customers could get badly bitten – and so they have.
The Signalling System No. 7 (SS7) telephony signaling protocol used to establish interoperability across some 800+ service providers worldwide, is deeply vulnerable to interception by hackers, criminals, and corrupt insiders. We’ve known this for years. Now, in Germany, someone’s used that vulnerability to raid consumers’ online bank accounts.