2018/03/06 12:21:31

SS7 (Signaling System 7) signaling networks

SS7 networks are used to transfer service messages when connecting subscribers and delivering information packets.

Historically, they were closed systems used to interconnect a limited number of fixed-line operators. For that reason, the architecture of signaling networks provides no information security mechanisms such as encryption and authentication of service messages. Today this has given rise to vulnerabilities that allow attackers to carry out threats of all types: from access to sensitive information, location tracking, and interception of incoming calls and messages to disruption of the network as a whole. Attacks on infrastructure controlled by telecom operators can be destructive and have far-reaching effects. Detecting these attacks is difficult because they can be indistinguishable from legitimate activity, complex, and spread out over time.

2018: 100% of attacks aimed at intercepting SMS achieve their goal

According to monitoring results from Positive Technologies, attackers track subscribers, intercept calls, bypass billing systems, and block users. A single large operator with a subscriber base of several tens of millions of people is subjected to more than 4 thousand cyber attacks every day.

Security monitoring projects in SS7 networks were carried out for large telecom operators in Europe and the Middle East. Attacks aimed at fraud, disruption of subscriber availability, and interception of subscriber traffic (including calls and SMS) together accounted for less than 2%. However, such threats are the most dangerous to users, the company emphasized.

According to the research, 100% of attacks aimed at intercepting SMS are successful for the attackers. The theft of one-time codes sent this way can lead to the compromise of remote banking (RBS) systems, mobile banking, online stores, public services portals, and many other services. An example of such an attack was the interception in 2017 of SMS messages of subscribers of a German mobile operator, as a result of which money was stolen from users' bank accounts.

Another type of attack, denial of service, poses a threat to Internet of Things devices. Not only individual user devices but also elements of the infrastructure of "smart" cities, modern industrial enterprises, and transport, energy and other companies are connected to mobile networks.

Fraud against the operator or subscribers is also a serious concern. According to Positive Technologies, a substantial share of such attacks consisted of unauthorized sending of USSD requests (81%). Such requests make it possible to transfer money from a subscriber's account, sign the subscriber up for an expensive service, or send a phishing message on behalf of a trusted service.

The security of mobile networks remains at a low level, as confirmed by the results of the SS7 network security assessments presented in the first part of the report. The sample included data from the 24 most informative projects carried out from 2016 to 2017 in the networks of operators in Europe (including Russia) and the Middle East, half of which have a subscriber base of more than 40 million people.

The security analysis showed that in practically every network it is possible to listen to a subscriber's conversation or read incoming SMS, and fraudulent operations can be carried out successfully in 78% of networks. All networks contain dangerous vulnerabilities that make it possible to disrupt the availability of services to subscribers.

Meanwhile, operators are aware of the existing risks: in 2017 an SMS Home Routing system was in operation in all the networks studied, and a system for filtering and blocking signaling traffic was installed in every third network. However, according to Dmitry Kurbatov, head of the telecommunication systems security department at Positive Technologies, this is not enough, since "all networks were subject to vulnerabilities connected both with particular cases of incorrect equipment configuration and with architectural problems of SS7 signaling networks that cannot be eliminated with the available means".

According to representatives of Positive Technologies, only a comprehensive approach to security, including regular security assessments, keeping network settings up to date, continuous monitoring of signaling traffic, and timely detection of illegitimate activity, can provide a high level of protection against criminals.
