Signalling Penetration Testing
The risk of signalling based attacks on mobile networks has been gaining a lot of attention in the public media. The SS7 network was created decades ago, when the only parties connected to it were government owned telecom companies. Lay people did not know about its existence, its use or how it could be exploited. Nor could they get a connection into the SS7 network, even if they wanted to. So there was never any protection or authentication built into the protocol, because it was simply not needed, or so they thought. Roll forward several decades, and a typical mobile operator network “talks” to hundreds of other networks in dozens of countries, to facilitate international roaming, still without any protection or authentication. In addition, Diameter security standards are no better than that of SS7, with more attackers understanding this protocol.
Attacks have included subscribers’ locations being accurately pin-pointed, eavesdropping on personal phone calls and messages, network & subscriber data being modified, and user privacy and revenues from key services coming under threat.
AdaptiveMobile can provide a range of penetration testing services to enable operators to understand the specific signalling security risks their networks face and so understand the most appropriate countermeasures to put in place to protect their subscribers and business.