Whistleblower Exposes Suspected Saudi Spying Campaign to The Guardian


A whistleblower revealed to The Guardian that he was in possession of data which shows that allegedly the Saudis have been trying to secretly track Saudi-registered phones in the US. He revealed this information to show that there are weaknesses in the global telecoms network.

Global Messaging System

Requests for mobile phone location data are not particularly abnormal. They are used by mobile phone operators to connect users around the world. This often happens through the SS7 global messaging system. When someone is travelling in a foreign country and wants to make a call home they are connected through the SS7 network.

The issue is that the tracking of phones is made possible because of this system. Security companies have been aware of this. When the same traveler is abroad and wants to use his phone, he does that through a different provider than the one back home. These two providers make contact with each other with a PSI (Provide Subscriber Information) through the SS7 network. This means that the user’s location is shared. The information that is shared is normally used to charge roaming costs. But when these PSI’s are sent a lot, they could be used to track the location of a person. Despite years of warnings and reports of attacks, the US have done very little to make sure that this cannot happen.

Cache of Data

The data that was revealed to The Guardian consisted of information on Saudi Citizens in the US over a four month period. Saudi mobile operators have sent 2.3 million tracking requests per month between November 2019 and March 2020. Saudi operators also sent separate location requests, but these were blocked by US operators. Once the users entered the US a PSI was sent as often as two to thirteen times an hour. Experts say this means that you could pinpoint on a map where these persons are located, within a hundred yards. The data did not identify the individuals that were tracked.

Expert Opinion

Sid Rao, a security and privacy researcher, said that is highly likely that the Saudis were engaged in a surveillance campaign. He based this on the large number of requests that stood out from the average. Other telecommunications and security experts who have seen the data also believe that it looks like the Saudis have been following their people in the Us.

Senator Ron Wyden, a member of the Senate Intelligence Committee, has warned about the dangers of the SS7 network before. But sadly the agency responsible for regulating the networks does not want to force the carriers to secure the networks.

Cybersecurity analyst
David is a cyber security analyst and one of the founders of VPNoverview.com. Interested in the "digital identity" phenomenon, with special attention to the right to privacy and protection of personal data.