Local mobile networks 'used for global spy operations'

Thursday 17 December 2020

Mobile phone networks in the Channel Islands have been used to undertake surveillance by private intelligence companies, according to a national investigation.

A joint investigation was undertaken by the Guardian and the Bureau of Investigative Journalists.

Independent intelligence agencies can rent access points – known as global titles – to local telecom networks.

Through this, they can access an old messaging system known as SS7, and send out certain signals to phones across the globe to track people’s locations – a feature that is normally used by operators to connect mobile users to one another and figure out if a customer is roaming.

Pictured: Relying on older 2G and 3G technology can lead to hacking and exploitation.

These can usually be whittled out by stringent security protocols covered in the UK's 'Telecoms Security Bill', but since Jersey and Guernsey don’t sit within that bill, and since +44 numbers are generally trusted and can appear as if they’re emanating from the UK, some firewalls can be breached. 

Sure Guernsey and Airtel were specifically named in the investigation.

The Guardian said Israeli private intelligence company Rayzone Group appears to have used an intermediary to lease an access point via Sure Guernsey gain access to the global telecommunications network.

In a statement shared following the publication of the investigation, Sure said that it “does not lease access to global titles directly or knowingly to organisations for the purposes of locating and tracking individuals or for intercepting communications content.”

“Sure works with global telecommunications companies, including all UK operators, to monitor signalling traffic (the type of traffic used by global titles). Any evidence or complaint, provided by authorities, such as the NCSC or operators, results in the service in question being immediately ceased and subsequently permanently terminated if malicious or inappropriate traffic is discovered upon investigation.”

It also reassured customers that “privacy and cybersecurity are of paramount importance” and said that it “works closely with the UK National Cyber Security Centre and the States of Guernsey”, while its Chief Security Officer “sits on a UK industry working group involving the UK operators and the National Cyber Security Centre (NCSC) and is notified and immediately acts on any potential issues.”

Pictured: All of the islands' telecoms operators said they took customers' security very seriously.

The Guardian also said industry sources had told it that there was evidence of “a steady stream of suspicious signalling messages directed via the Channel Islands to phone networks worldwide, with hundreds of messages routed via Sure Guernsey and… Jersey Airtel, to phone networks in North America, Europe and Africa in August.”

Responding, Airtel  said that it takes “network and customer security seriously”, going on to state: “SS7 is part of the global mobile network infrastructure and we are vigilant about its vulnerability. We have an SS7 firewall solution from a trusted & reputed vendor which helps in preventing misuse, thus our SS7 security is more robust than of average operators.

“Further, we are working closely with regulators and government to take necessary steps in the security sphere. Jersey Airtel, along with other operators are part of the Telecoms Security Regulation (TSR) initiative within the Channel Islands in adopting the right security measures required for the islands based on the broader TSR guidelines.”

Express also approached JT, who were not named in the investigation, for comment.

A spokesperson replied:  “JT takes the security of its networks exceptionally seriously. It is something we invest heavily in and monitor continually in conjunction with the Government and our regulator, as the threats are always there, and always changing therefore we are never complacent. It’s clearly an important issue, and one which we will continue to watch carefully to make sure our customers are protected.”

Express asked the Government of Jersey a number of questions, including whether it kept a record of global titles being leased and how that access was being used. 

It did not reply to them, but provided a statement saying it was “absolutely committed to ensuring that the security of its telecoms networks meets the highest international standards.”

Pictured: Jersey's Government said it was committed to ensuring telecoms networks meet "the highest international standards."

It continued: “The Government has been working closely with UK Department for Digital, Culture, Media and Sport (DCMS) and the National Cyber Security Centre (NCSC) about the formulation of the UK’s Telecoms Security Framework, to ensure Jersey’s approach on telecoms security is aligned to the UK. This is in addition to regular discussions about telecoms and cyber security more broadly.

“The Government has approved the production of a Jersey Telecoms Security Framework that seeks to adopt and adapt UK’s Framework to the Jersey context - including on High Risk Vendors, Telecoms Security Requirements and a new compliance regime. Work has begun to develop this into domestic legislation. 

“As part of this work, the Government of Jersey is taking the advice of the NCSC, and working closely with local operators.”

The States of Guernsey, which is currently in the process of aligning with the UK’s security bill, with The Telecoms Security Framework now in development, told Express: “The States of Guernsey, works very closely with the National Cyber Security Centre (NCSC) and the UK Department for Digital, Culture, Media and Sport (DCMS). NCSC and DCMS have dedicated officers for the three Crown Dependencies and communicate regularly with them on a range of security matters, including telecoms security.”

"Guernsey takes extremely seriously its role as a good neighbour to the UK and other jurisdictions and its role internationally in ensuring telecoms security meets the highest standards.  As part of the British family, the Guernsey and UK governments are working together to make sure that the telecoms security policies and regulation are closely aligned."

"Like the UK, the Crown Dependencies each have Telecom Security Policies. Guernsey’s can be found here. Guernsey is also developing Telecoms Security Requirements (TSRs) which will align with the UK’s approach and timeframes and will be legislated for, and regulated, in a similar manner."

Both islands’ regulatory authorities for telecoms – the recently-split JCRA and GCRA – told Express that they were not conducting any investigation into the allegations at this time.

Read the Bureau of Investigative Journalism's piece here and the Guardian's here.