Democratic lawmakers in the U.S. are demanding are demanding that the Federal Communications Commission (FCC) takes action to tackle the rise in SIM swapping attacks.
Responding to the groundswell of reported SIM swap heists, senators Ron Wyden (Ore.), Sherrod Brown (Ohio) and Ed Markey (Mass.) and representatives Ted Lieu (Calif.), Anna Eshoo (Calif.) and Yvette Clarke (N.Y.) sent Federal Communications Commission (FCC) Chair Ajit Pai a letter on Thursday urging him to do more to hold cell carriers accountable for the low-cost but often highly lucrative crime.
SIM-swapping is the act of remotely accessing a target’s cellular identity, essentially co-opting the associated phone number for nefarious purposes. There’s any number of ways to swap a SIM; in some cases hackers bribe or exploit cell carrier employees that work from within.
Once they’ve taken over a number, the fraudster can reset victims’ passwords, steal credentials and wipe personal information, bypassing most security mechanisms that rely on cellular two-factor authentication. That can cost millions – especially in a crypto community still largely reliant on text-based account security. To date, millions in crypto have been stolen in alleged SIM swap attacks.
The lawmakers’ chief concern appears to be America’s lack of comprehensive consumer protection policies. They note that some jurisdictions require prevention methods, like in-store verification, while others lag behind.
“Implementation of these additional security measures by wireless carriers in the U.S. is still spotty and consumers are unlikely to find out about the availability of these obscure, optional security features until it is too late,” the lawmakers wrote.
They also demanded to know more about how the FCC tracks SIM swap reports, as well as if it has been educating the public on prevention and if it has investigated hacks in the past.
One of the most public victims of such attacks is crypto investor and communications executive Michael Terpin, who lost over $20 million to SIM-swappers in 2018. He sued his cell provider, AT&T, for failing to protect him, alleging that the company was responsible for its employees who allegedly worked alongside the fraudsters.
That suit is ongoing. Terpin petitioned FCC’s Pai in October also urging action against SIM swapping.
Last month, prosecutors unsealed an indictment against Nicholas Truglia who is suspected of orchestrating the Terpin heist.
Disclosure Read More
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.