The evolution of international 5G standards has brought increased privacy and security protections for users and data, which can be at odds with the needs of lawful intelligence. With nearly all traffic now encrypted, law enforcement agencies (LEAs) can no longer access message or call contents that were previously available. At the same time, the use of 5G subscription concealed identifiers (SUCIs) obscures traditional subscriber identifiers like international mobile subscriber identities (IMSIs). Due to these and other changes, new investigative techniques are being developed in which metadata and other contextual information play a larger role. SS8 is at the forefront of developing lawful intelligence tools and practices that keep pace with these changes, such as advanced location intelligence, metadata analytics, and powerful data fusion capabilities. Measures like these are expanding investigative capabilities even as the data sources LEAs have traditionally relied on become unavailable.
At the same time, SS8 is committed to advancing the state of data security and privacy within the lawful intelligence environment itself by enabling new privacy and security trends. For today’s systems, it is common for operators to provision and identify a target in lawful intercept systems in unencrypted plain text. This handling of identifying information such as the IMSI, IMEI (International Mobile Equipment Identity), or MSISDN (Mobile Station ISDN Number) “in the clear” is a potential security exposure. In cases where the IMSI, IMEI, or MSISDN is unknown, a target may even be identified by personal information like a name or phone number. Therefore, as the increased use of distributed 5G network topologies continues to expand the cyberattack surface, SS8 is working across the telecommunications ecosystem to obscure identifiers by cryptographically hashing them.
Championing Zero-Trust for Lawful Intelligence
The inherently sensitive nature of lawful intelligence requires access to be tightly restricted to avoid compromising an investigation, the safety of investigators and others, or the privacy of the target. Access must be provided only to those with legal authorization and familiarity with relevant warrants, and only on a need-to-know basis. Communication service providers (CSPs) and LEAs must also guard against the inadvertent exposure of target identities through user interfaces or log files. Hashing these identifiers obscures them – even from administrators with root access to the hardware, unless they have been granted explicit access – by requiring a specific, standardized de-hash algorithm that is agreed to by all parties. As networks spread out across public clouds, which lack the traditional physical security measures of a data center, this becomes even more critical.
Lawful intelligence operations therefore require a zero-trust philosophy in which every transaction is authenticated on its own and all data and connections are encrypted. The evolution of ETSI standards has helped increase the degree to which network elements support transport layer security (TLS), substantially improving network security. SS8 has adopted TLS 1.3, the fastest and most secure form of TLS and current standard for encrypting HTTPS web traffic. The latest version of TLS retires some older ciphers and features with known vulnerabilities and implements efficiency changes to reduce performance overhead.
While TLS security protects network connections, bad actors can still access nodes or cloud layers to misuse lawful intelligence data. As part of a zero-trust strategy, hashing lawful interception target identifiers further protects the interests of CSPs, LEAs, and targets by preventing inadvertent exposure or interference by unauthorized parties, such as a Brute Force Cyberattack. However, as with the adoption of TLS, widespread implementation of hashed identifiers requires buy-in and collaboration across CSPs, LEAs, equipment manufacturers, software providers, and standards bodies. SS8 is using its unique leadership position within our ecosystem to encourage all stakeholders to implement hashed identifiers for greater lawful intelligence security.
Securing the Future with Hashed Identifiers
Cloud computing and distributed networks use, transport, and store data far from the protected confines of a data center, creating added risk of unauthorized data exposure. Public cloud resources, which are owned and administered by external parties, are particularly at risk. In such environments, third parties have access to the workflows executed on lawful intelligence network infrastructure. As yesterday’s monolithic, hardware-based network topologies are replaced by edge-based processing and network slices defined by software, a bad actor could copy a log file and subject it to forensic analysis to glean target identities and other information. In the case of nation-states or criminal organizations with deep resources, this prospect clearly supports heightened protection of target identifiers with hashing.
As part of our ongoing commitment to advancing the privacy and security of next-generation lawful intelligence capabilities, SS8 is working across the industry to encourage the adoption of hashed identifiers. This effort requires collaboration among all parties involved in providing, deploying, and operating these systems, and the challenge is substantial. By making the case for hashed identifiers and leading the development of lawful intelligence solutions that leverage them, SS8 is advocating that this aspect of zero-trust become the reality of tomorrow’s lawful intelligence.
About Dr. Keith Bhatia
Dr. Keith Bhatia was named CEO of SS8 in 2020, previously serving as COO. In his tenure, he has positioned SS8 as a leader in a 5G world shaped by increasing digitalization and automation. Keith combines broad technical and market expertise to advance the future of lawful intelligence and is impassioned to show how technology positively impacts our world. In a nearly 30-year career, he has held management and executive positions at public and private telecom companies domestically and abroad. He has a proven track record of driving profitable growth by accelerating international expansion, advancing product development, and leading strategic acquisitions.
About Syed Hussain
Syed Hussain has spent more than 20 years working in the telecommunication and cyber security industry in Engineering and Product Management leadership roles. He brings significant technical expertise to his role as VP of Product Management for SS8’s Lawful Intelligence products, covering Service Providers and Law Enforcement market domains. He has led architecture and design of 4G and 5G Lawful Interception solutions in Cloud and non-cloud environments. Syed represents SS8 in both ETSI and 3GPP standards bodies and at technology summits and holds a BS in Computer Science and Engineering. You can learn more about Syed on his LinkedIn profile here.
About SS8 Networks
As a leader in Lawful and Location Intelligence, SS8 helps make societies safer. Our commitment is to extract, analyze, and visualize the critical intelligence that gives law enforcement, intelligence agencies, and emergency services the real-time insights that help save lives. Our high performance, flexible, and future-proof solutions also enable mobile network operators to achieve regulatory compliance with minimum disruption, time, and cost. SS8 is trusted by the largest government agencies, communications providers, and systems integrators globally.
Intellego® XT monitoring and data analytics portfolio is optimized for Law Enforcement Agencies to capture, analyze, and visualize complex data sets for real-time investigative intelligence.
LocationWise delivers the highest audited network location accuracy worldwide, providing active and passive location intelligence for emergency services, law enforcement, and mobile network operators.
Xcipio® mediation platform meets the demands of lawful intercept in any network type and provides the ability to transcode (convert) between lawful intercept handover versions and standard families.
To learn more, contact us at email@example.com.