Preface: The phrase “old wine in new bottles”! Cyber security world has similar things all the time!
About SS7 design weakness:
Business impact: A U.K. bank says no customers lost money after cyber attackers attempted account takeovers by rerouting one-time passcodes, Motherboard reports. The National Cyber Security Centre (NCSC) also confirmed.
Such attacks involve tampering with Signaling System #7, the protocol used to route mobile phone calls worldwide.
Security advice: A one-time passcode may be sent over SMS, but the safer way is to use an authenticator app,
such as Authy, Cisco’s Duo or Google Authenticator, to generate the code.