We were talking about Ukraine and the proliferation of SIGINT capabilities.
Now, we’ve got some facts thanks to Adaptive Mobile and the Ukrainian telco regulator. It looks like the Russians exploited the fact that they have SS7 roaming links with the Ukrainian mobile operators, and re-routed their targets’ calls to numbers in St. Petersburg.
After this year’s CCC, expect nothing but more SS7 exploits. It’s not widely known enough that this network, the crucial one for mobile telephony, is a default-trusting system. I have a nice little handbook Tekelec gave away with a full set of commands both for SS7 and SIP – I always liked the fact the latter has an error code for Not Acceptable Here.