According to The Guardian, a whistleblower states that the Saudi government is tracking the movement of its citizens across the U.S. using what has been described as powerful mobile spyware. The report states that it is all part of a surveillance campaign run by the Saudi government. The latter is accused of spying on activists and dissidents; Keep in mind that supposedly Saudi Crown Prince Mohammed bin Salman ordered the assassination of Washington Post journalist Jamal Khashoggi. Besides using the spyware, the government also allegedly placed spies inside Twitter to keep an eye on those who have criticized the current regime.
The Saudis were abusing the U.S. cellular network to track the location of certain smartphones
The Guardian was given the opportunity by the whistleblower to view millions of requests to obtain secret tracking information on phones belonging to Saudi citizens visiting the U.S. This amounted to four months worth of requests from the Saudi government that started in November of last year. The requests came from the top three Saudi wireless operators who routed the requests through the Signaling System 7 (SS7) global messaging system.
These are legitimate reasons for requesting this information, such as when a foreign carrier wants to register roaming charges. But in the mobile industry, too many such requests are considered to be a sign of location tracking. And the large number of requests made by Saudi carriers show an interest in finding out the location of their subscribers once they enter the United States. Andrew Miller, a member of Barack Obama's national security council, said that the Saudi's are known for using surveillance to track those who oppose and criticize the government. "I think they are surveilling not only those they know are dissidents, but those they fear may deviate from the Saudi leadership. They are particularly worried about what Saudi nationals will do when they are in western countries."
Back in 2014, we told you that a major security flaw had been discovered on the SS7 network used by mobile carriers worldwide. With this vulnerability, hackers could listen in to calls or intercept text messages even if these messages were encrypted. A report on CBS-TV's 60 Minutes a couple of years later was downright frightening. The network purchased an iPhone off the shelf and sent it to Representative Ted Lieu (D-Calif.). At the same time, CBS gave only the phone number to Security Research Lab. Literally within minutes, Security Research Lab hackers were able to listen in to both sides of a call between a reporter and Rep. Lieu, track the congressman's movements and intercept and record his phone calls.
Ron Wyden, a Democratic senator from Oregon, accuses Trump-appointed FCC Chairman Ajit Pai with doing nothing about the previous warnings about SS7. The senator says, "Because of [Pai’s] inaction, if this report is true, an authoritarian government may be reaching into American wireless networks to track people inside our country." Prince Mohammed has been previously accused of hacking into the personal smartphone belonging to Amazon CEO Jeff Bezos, the wealthiest man in the world. This was allegedly accomplished via a message sent by the Prince to Bezos' WhatsApp account.
The requests for tracking information viewed by The Guardian did not show the names of the people being tracked. The three Saudi carriers involved, Saudi Telecom, Mobily, and Zain sent U.S. mobile operators an average of 2.3 million requests per month from November 1, 2019, to March 1, 2020. The phones belonging to the Saudis were being tracked in the U.S. as often as two to 13 times per hour. The data provided the Saudi government could have pinpointed the location of these phones within hundreds of meters of their actual location inside a city.
Apparently, U.S. carriers were suspicious about other requests made by the Saudis for location data. These requests, known as PSL, or Provide Subscriber Location, set off alarms somewhere because many of them were blocked by U.S. carriers.
One senior researcher at the Citizen Lab at the Munk School at the University of Toronto said that the data indicates that foreign agents were "flagrantly abusing" the U.S. cellular network to track smartphones moving through the states.