AdaptiveMobile, a global provider of mobile security, has launched SS7 Protection – a new product that secures mobile operator core networks against privacy and fraud attacks exploiting loopholes in the SS7 signalling protocol.
AdaptiveMobile SS7 Protection is the first comprehensive security overlay for mobile operator signaling infrastructure, blocking known and emerging threats to restore confidence in the network for consumers and regulators alike.
SS7, a communications protocol used in the telecom network to enable control and billing of global communications services, was designed for use in a ‘trusted network’. However, as recent network breaches have revealed, rogue access to the SS7 network is relatively easy and a lack of end-to-end authentication is leaving operator networks vulnerable to new types of attacks.
Such attacks are shattering consumer and regulator trust in the signalling that lies at the very core of operators networks. The danger, which was publicized at a recent Chaos Computer Club event for European hackers, means that once the SS7 network is breached, subscriber locations can be accurately pin-pointed, personal phone calls and messages monitored, network and subscriber data manipulated and defrauded, and user privacy and revenues from key services placed under threat.
“The vulnerabilities in the SS7 protocol strike right to the heart of industry measures to secure the trust and privacy of subscribers. Updating security procedures in protocols first written back in the 1980s simply isn’t an option given the extent of deployed equipment. There are more users of the SS7 network worldwide than there are of the Internet. Such a massive task would take years and cost billions,” said Brian Collins, chief executive officer, AdaptiveMobile. “What is needed is an easy to deploy yet comprehensive overlay security solution that doesn’t just block suspicious traffic but uses global threat intelligence and advanced analytics to secure the network against privacy and fraud attacks.”
The AdaptiveMobile SS7 Protection product combines SS7 Firewall functionality with Advanced Analytics algorithms and a Threat Intelligence service drawn from presence in over 75 operators worldwide to protect mobile networks from signalling attacks.
· The SS7 Firewall sits at SS7 interconnect points between carriers and blocks suspicious traffic before damage occurs
· An Advanced Analytics module uses Big Data and smart algorithms to identify, block and report on new threats to the network
· A Threat Intelligence service shares real-time updates and countermeasures across a community of over 75 global operators – feedback and information gained from an attack on one site is used to secure all members of the community against future similar attacks.
With potential threats to the SS7 network coming from such varied sources as national security agencies, fraudsters and malicious hackers, governments and regulators are placing increasing pressure on operators to protect the privacy of subscribers. In response, the mobile ecosystem of regulators, operators and vendors is already working together to define recommendations and implement solutions to detect and stop potential attacks.
The vulnerabilities of the SS7 network were highlighted in May 2014 following investigation of the Ukrainian Telecom Regulator (NKRZI), assisted by the Ukrainian Security Service (SBU), into telecom network activity over several days in Ukraine. The key findings of this report were that over a three day period in April 2014, a number of Ukrainian mobile subscribers suffered privacy breaches via SS7 attacks, causing their location and contents of their phone calls to be obtained.
Signalling System 7 (SS7), is a catch-all term for a telecom network technology that is used by hundreds of cellular companies to allow them to operate and communicate with each other; it is the communication protocol used by telecom nodes within cellular networks to provide functions such as mobility control, network registration, call and text setup.
In short, it enables mobile devices to communicate and roam globally, and it allows mobile operators to control and bill this activity. All pieces of network hardware that operate in the core network use SS7 to interoperate with the rest of the network.
AdaptiveMobile will be showcasing its SS7 Protection solution at Mobile World Congress 2015. In addition, Cathal Mc Daid, Head of Data Intelligence & Analytics at AdaptiveMobile, will be discussing mobile messaging abuse/mobile malware and SS7 security as part of the session, ‘The New Security Challenges: Perspectives from Service Providers’. The presentation will include unique visualisations and case study examples and will take place on Wednesday, 4th March, 16.30 – 17.30 in Hall 4, Auditorium 4 at MWC15.