Signaling System 7, or SS7 is a legacy telecom protocol widely used by telecom service providers not only in Canada, but around the world. The security issues surrounding SS7, have been known for some time.
CSE has always been clear that it is actively working with Canada’s telecom industry and critical infrastructure operators to address issues related to SS7 to develop best practices, advice and guidance that can help mitigate the risks associated with SS7. This information is not new and was included in media coverage as recently as November 22, 2017 . Today’s media coverage, which referenced CSE’s engagement with Canadian telecom industry partners, through a ‘working group’, reaffirms our ongoing, active engagement with industry partners. This partnership has been in effect for many years, and the working group meets to discuss various updates, challenges, and concerns our telecom partners may have, including SS7.
However, as a result of partnership agreements, CSE is unable to discuss further details of meetings with industry partners, and we cannot disclose the participation of individual, private telecom partners.
In addition to the advice and guidance related to specific issues such as SS7, CSE provides the government of Canada with extensive cyber security advice and best practice recommendations including, for using mobile communications devices safely. As recently as last summer, CSE met with federal political parties, Parliamentarians, provincial governmental officials and provincial electoral bodies to provide guidance and advice on mobile device usage. This advice is available to all Canadians and can be found on our Mobile Security webpage.
For over 70 years CSE has been proud to help protect Canada and Canadians, and are equally proud to say we will continue to do so.