PT Telecom Security Assessment

PT Telecom Security Assessment is the service allowing to estimate security of communication networks 4G and 5G.

The service allows to reveal critically dangerous vulnerabilities of signal network before they are detected by the malefactor, and to estimate efficiency of the current measures of information security.

2017: Announcement

The Positive Technologies company announced on October 9, 2017 start of PT Telecom Security Assessment service according to security of communication networks 4G and 5G.

Appointment

In general service is intended to help telecom operators to be protected from the DoS-attacks and fraudulent schemes with billing systems, to provide fulfillment of requirements of regulators and also to secure personal data of subscribers. Besides, periodic audit will allow to construct the protected IoT-ecosystem as networks of the next generations are a key link in development of unmanned vehicles, smart city infrastructure, power, telemedicine, emphasized in the company.

Essence of service

Service provides formation for the operator of the detailed report with the complete list of the detected vulnerabilities and the confirmed scenarios of the attacks and also expert recommendations about elimination of the revealed security concerns, including the list of the automated means of protecting.

In addition, operators have an opportunity free of charge to hold pilot testing of the product PT Telecom Attack Discovery for monitoring of security of signal network.

Depending on amount of works project duration according to security of communication networks 4G and 5G can vary from two to four weeks.

As the situation with security 4G and 5G is

Despite technology advantages of 4G networks in comparison with networks of the previous generations, the level of their security did not change. So, the researches Positive Technologies showed that in infrastructure 4G and 5G the same attacks, as in networks on the basis of SS7 can be implemented. Critically dangerous vulnerabilities of signal protocols (Diameter, GTP) and errors in a configuration of networks become "an open door" for the malefactors aiming to steal confidential data of subscribers it is illegal to define their location, to perform fraudulent activity or to cause failure in service of customer services.

According to experts of Positive Technologies, future communication networks of a 5G not only will inherit vulnerabilities of networks of fourth generation, but also can get other shortcomings of security. Along with high speed (by 10-1000 times bigger than at 4G), low power consumption and the minimum signal delays, active use in 5G networks of technologies of virtualization of network functions (Network Function Virtualization) is expected. Replacement of hardware elements program (including the free software) has many positive effects, however will potentially make cellular networks even more vulnerable for the attacks of malefactors.

Forecasts till 2020

After implementation of a 5G the world around will begin to change quite promptly: there will be "smart" hospitals, transport, football stadiums, ports, streets and cities— predicts Dmitry Kurbatov, the director on information security telecommunication systems of Positive Technologies. — Considerably also the scale of possible effects in case of the purposeful attack will grow. The problem of vulnerabilities of the Diameter and GTP protocols is relevant for each operator already today (including thanks to active development LTE-roaming), and after input in commercial operation of a 5G that is expected by 2020, periodic security audit will become critically necessary procedure.