Security issues related to SS7 and Diameter

Intrusion Detection SS7

Code: DAP/20-01

Active

Start: June 2020

End: December 2023

We are living in a more and more connected world and for the sake of speed and simplicity our actions are increasingly relying on mobile telecommunication networks. Facing this fast evolution of mainly the last decade, the mobile telecommunication networks are nonetheless based on the old SS7 standard (Signalling System #7) developed in the seventies for operators which trusted each other as they could control access to their proprietary hardware. With the opening of telecommunications to the internet, security has been more difficult to guarantee as testified by known security flaws reported by the security industry [PT18] or major incidents reported in the press [Tan17, Khan17].

This study proposes to analyse the SS7 traffic flow of 3 Belgian Mobile Network Operators (MNO) in order to help the intelligence services (VSSE and ADIV), the Belgian telecom regulator (BIPT) and the MNOs themselves to identify and/or exploit threats. The experience gathered by companies conducting security audits for MNOs in the last years show how relatively easy it is for attackers to use security flaws of SS7 [Puz17] or Diameter [Mash2017] to gather information about subscribers, locate or track them, intercept SMS or calls or perform a denial of service. Some of the conclusions of these audits is that MNOs often lack the knowledge about vulnerabilities and their consequences [Mash17], or should employ additional security measures [Puz17].

References

  • [PT18] SS7 VULNERABILITIES AND ATTACK EXPOSURE REPORT 2018, Positive Technologies.
  • [Tan17] H. Tanriverdi, M. Zydra, “Schwachstelle im Mobilfunknetz: Kriminelle Hacker räumen Konten leer”, Süddeutsche Zeitung, 3. Mai 2017.
  • [Khan17] S. Khandelwal, "Real-World SS7 Attack — Hackers Are Stealing Money From Bank Accounts". The Hacker News. Retrieved 2019-Mar-04.
  • [Puz17] S. Puzankov, “Stealthy SS7 Attacks”, Journal of ICT Standardization, VOL 5, No 1, pp 39-52, 2017.
  • [Mash17], S. Mashukov, “Diameter Security: An Auditor’s Viewpoint”, Journal of ICT Standardization, VOL 5, No 1, pp 53-68, 2017.
Mobile Phones: Should you be afraid of disclosing your IMSI ?

SS7

The smartphone has become so important in daily life that users should be concerned about its security. We try to explain here some reasons to be or not to be afraid about disclosing the IMSI, the subscriber identity number used in the global telecommunication network.

Read
Feb 15, 2022 | 1104 views
SMS-based 2-Factor Authentication is insecure !

SS7

The US National Institute of Standards and Technology (NIST) has declared in its Digital Authentication Guideline that SMS-based two-factor authentication should be banned due to security concerns [End of SMS-based 2-Factor Authentication; Yes, It's Insecure!]. We explain why in this blog.

Read
Sep 1, 2021 | 1806 views
This website uses cookies. More information about the use of cookies is available in the cookies policy.
Accept