SS7 is the signaling protocol for the world’s telecom networks and like the internet, it wasn’t really designed with security in mind. The assumption back in the day was the telecom operators were all trusted nodes on the network. It turns out over time, hackers have figured out how to penetrate the carrier network the way they have just about all others.
Bad actors can send spoofed SMS messages, track a user’s location or intercept messages used to authenticate a user as well as their phone calls.
The cat-and-mouse game in the telecom network is the same as all others and similarly nation-states are major players in both areas. The recently reported Kaspersky hack which took place in 2015 came from Russian-backed hackers who used the Kaspersky software to identify NSA files it later stole.
SS7 firewalls help but bad actors are adapting, meaning analytics is the only way to ensure carriers are aware of the threats.
One solution comes from AdaptiveMobile, their AI-based Sigil platform works with signaling firewalls to determine attack platforms, Diameter host name, addresses and GTs.
In one example, the company spotted bank accounts compromised via an authentication hack. The two-factor authentication codes sent via text were intercepted. They saw the gang active on other networks and subsequently told carriers which addresses to look out for and alerted the police.
Carriers can upload log files in order to allow the system to search for anomalies. Of course as expected, the system works best with AdaptiveMobile firewalls.
In one instance, Ciaran told me they saw a single subscriber was active on nine networks around the world in ninety-seconds. This indicated that someone wanted to know where this person was.
This sort of attack can be monetized by carriers. They can sell a service to corporations looking to protect their VIPs. The information can be fed to CSOs. In fact Ciaran said, “CSOs are flying blind if phones are attacked with spear phishing or if a location or a call intercept is attempted.”
In our electrical engineering courses back at university, we were taught electrons are “lazy” as they follow the path of least resistance. Today, we realize hackers are the same. They will take the easiest path to achieve their goals. If that’s the SS7 network then this is where they will focus. AdaptiveMobile wants to protect these networks with their AI-based Sigil solution and they want to allow carriers to monetize their solutions.
To learn more, be sure to attend the Enterprise IoT Event, IoT Evolution Jan 22-25, 2018 and see IBM, Ingenu, Cradlepoint, TellientARM, McAfee & other major companies. Special focus on Smart Cities, Security, IIoT and case studies.