To ask the Secretary of State for Digital, Culture, Media and Sport, when he last made an assessment of the (a) weaknesses in the UK's SS7 phone signalling system and (b) implications for national security of that matter.
18 January 2021
It was announced in 2016 as part of the National Cyber Security Strategy that SS7 and Diameter protocols used within mobile networks would be tackled within the National Cyber Security Centre’s (NCSC) Active Cyber Defence programme. The NCSC’s second report on Active Cyber Defence which was published in July 2019 included details on work to further remediate weaknesses in SS7. The NCSC continues to work closely with mobile operators to reduce the vulnerability of UK networks.
The Telecommunications (Security) Bill currently going through the House will require that telecoms providers take measures to protect their networks and services from security compromises. This would include measures to mitigate risks associated with SS7 protocols.