Iran-linked hackers used mobile location data to track US personnel: Report
The mobile networks in West Asia were repeatedly hit by cyber attacks in the build-up to the US-Israeli attacks on Iran in late February.
US military personnel and contractors were allegedly targeted through coordinated cyber-enabled tracking attempts during the Iran war, with hackers reportedly exploiting telecom network vulnerabilities.

Mobile networks in West Asia were repeatedly hit by cyber attacks in the build-up to the US-Israeli attacks on Iran in late February and continued into the early days of the war, the Financial Times reported citing data shared by the Mobile Surveillance Monitor research project.
While Gulf officials have raised suspicion over the alleged exploitation of roaming agreements with local phone providers by Iran or its allies, a US official told FT that these actors may have abused commercially available advertising databases to track phones in Iraqi Kurdistan.
What is SS7? Communication system hackers are reported to have exploited
According to the FT report, regional telecom networks in West Asia fended off a wave of requests, called SS7 pings, which sought to pin down the locations of specific phones roaming outside their home networks, data shared by Mobile Surveillance Monitor research project showed. Two cyber security experts who reviewed the data said these might suggest a coordinated campaign.
SS7 or Signalling System No 7 is the communication system used by telecom operators worldwide and allows mobile operators to exchange information with one another. SS7 requests can exploit a loophole or vulnerability ingrained in the early infrastructure of phone networks, allowing an operator and others with legitimate access to obtain a rough location of phones. Iranian mobile phone providers have roaming agreements cross the Gulf and the Middle East, thus giving them the technical ability to send SS7 pings beyond their borders, FT reported.
“Iran absolutely has capabilities to get real-time, immediate, and continuous location information… It would surprise me very much if Iran were not using SS7, or mobile network access in the region, to track US users," FT cited Gary Miller, a senior research fellow at cyber security watchdog Citizen Lab, who reviewed the data, as saying.
Also Read | How many Indian seafarers have been killed since US-Iran war began? A timeline
US lawmakers express concerns over commercial location data loopholes
The US Central Command had in April told Congress that it had received multiple threat reports “concerning adversary exploitation of commercial location data to target or surveil US personnel in theatre.”
Ron Wyden, a Democratic senator from Oregon, told FT that he had for years “warned both Democratic and Republican administrations about the national security threat posed by foreign adversaries tracking the phones of US personnel.” Wyden said that Iran has been known to exploit the SS7 pings in the past, citing a presentation made by the Department of Homeland Security. In this, the DHS had highlighted Iran as among the “primary countries” using SS7 to target “US subscribers.”
Pat Harrigan, a Republican lawmaker from North Carolina, said he was proposing a legislation to stop tech companies from selling the “digitalised footprint” of US government employees. The FT report highlighted Tehran and Iran-backed militias hitting several hotels in Iraq, Bahrain – where the US Navy’s Fifth Fleet is based – and other locations in the Gulf, which in some instances had led to injuries to US contractors and personnel.
However, the CENTCOM said it had taken “unprecedented force-protection measures”, which it said it could not discuss, for the safety of its forces. A US official further told FT that “any claim suggesting data tracking played a significant role in attacks . . . is a departure from the facts.”
ABOUT THE AUTHORHT News DeskFollow the latest breaking news, major developments and agenda-setting stories from India and around the world with the newsdesk at Hindustan Times. Operating round the clock, the desk brings together experienced editors, reporters and correspondents to deliver fast, accurate and contextual reporting across subjects that influence public policy, governance, business, society and international affairs. The HT News Desk covers politics, elections, government policies, the economy, business and markets, science and technology, the environment, law and order, infrastructure, education, climate issues and geopolitics, while closely tracking developments across states, institutions and global capitals. The team also leads coverage of major breaking news events, policy announcements, court proceedings, natural disasters, public emergencies and significant international developments. Reports published by the newsdesk are based on information gathered from reporters on the ground, official statements, government agencies, court records, regulatory filings, recognised institutions and other authoritative sources. Stories undergo editorial scrutiny and verification processes to ensure accuracy, fairness and relevance, and are updated as events evolve and additional information becomes available. Whether covering a key political decision in New Delhi, an economic policy shift affecting millions, a landmark court ruling or a major global event, the HT News Desk aims to provide readers with reliable, fact-based journalism that delivers not only the latest developments but also the context and analysis needed to understand their wider implications.Read More

E-Paper


