VimpelCom Beeline boost security of mobile network and subscribers with PT Telecom Attack Discovery.
After years of security through obscurity, telecom security has appeared on the radar screen. Subscribers are using more and more new services, and almost every new gadget has mobile Internet connectivity. But the core for all this communication—the SS7 signaling network—was developed 40 years ago, and integrating new technologies with legacy systems creates some serious security issues.
Vulnerabilities in SS7 make it possible for an attacker anywhere in the world to track the location of a mobile phone, disconnect a subscriber, intercept SMS messages, and even eavesdrop on conversations. Positive Technologies experts assessed many SS7 networks security in 2015–2016 and found troubling results: subscribers could be geotracked on 58% of analyzed networks, have their incoming SMS messages intercepted on 89% of networks, and have their voice calls intercepted on 50% of networks.
Of course, it’s impossible to overhaul the existing infrastructure and protocols in a day. That is why it is so important to perform a detailed audit of SS7 networks and related components, as well as quickly identify attacks targeting mobile infrastructure and subscribers and undertake mitigating measures.
PJSC VimpelCom serves over 58 million mobile subscribers, making reliability an absolute priority. The growing number and scale of external threats forced the company to take a fresh look at how to keep its network safe. Several of the key challenges included:
Get an unbiased picture of the protection level of the mobile network and subscribers in order to analyze the existing risks.
Devise methods for mitigating the highest-priority threats.
Decide on methods to monitor network security and detect illegitimate use of the network.
To meet the SS7 security challenge, VimpelCom selected Positive Technologies, which started a common project in 2012 to protect the client’s subscribers and network. In the intervening years, VimpelCom and Positive Technologies have continued their partnership in a number of areas, such as optimizing configuration of transport network equipment and investigating 3G/4G modem security. The next level of the partnership arrived with comprehensive auditing of SS7 security and testing of PT Telecom Attack Discovery.
PT Telecom Attack Discovery automates and simplifies detection of illegitimate SS7 network activity. By quickly detecting malicious traffic, this system prevents a number of costly nuisances:
Denial of service preventing subscriber access or functioning of network infrastructure
Theft of funds from subscriber accounts
Bypassing of billing/metering systems
Interception of calls and SMS messages
Many attacks can be prevented proactively. Assessing network security detects vulnerabilities before they can be exploited, and prevents attacks from gaining a foothold on the network—meaning improved security and subscriber loyalty.