Smart grid networks and security architecture: Threat analysis, threat scenarios and vulnerabilities
Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of...
Transcript of Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of...
![Page 1: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/1.jpg)
ITU Workshop on “SS7 Security”Geneva, Switzerland
29 June 2016
Statistics of Vulnerabilities in SS7 Networksand Ways to Make them Secure
Dmitry KurbatovHead of Telecom Security
![Page 2: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/2.jpg)
ptsecurity.com
![Page 3: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/3.jpg)
ptsecurity.com
Technology from the 1970s
SS7 network
developed in the 1970s – 1990s
Mobile communication
developed in the 2000s
Mobile internet
Social networks
Messengers
Online banking
Internet of Things
What we use today and
what technology lies
at the heart of it
![Page 4: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/4.jpg)
ptsecurity.com
Summary of the last year
Incidents of attacks
on cellular carriers
and their subscribers
Greater attentionto (in)securityin telecom
16 projects dedicated to security analysisof SS7 networks
• No mobile network is secure
• Subscriber data is in jeopardy
• Multiple opportunities for fraud and attacks on infrastructure
!16
![Page 5: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/5.jpg)
ptsecurity.com
SS7 Security analysis procedure
![Page 6: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/6.jpg)
ptsecurity.com
Participant Profile
Distribution by regionDistribution by subscriber
database
![Page 7: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/7.jpg)
ptsecurity.com
Espionage, Wiretapping, and SMS Interception
![Page 8: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/8.jpg)
ptsecurity.com
Fraud
• Transferring money using USSD forgery requests
• Stealing money using SMS banking
• Obtaining access to a digital wallet
![Page 9: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/9.jpg)
ptsecurity.com
Operation Disruption
• No access to mobile services (calls and SMS)
for a victim subscriber
• No control over IoT devices
• Possibility of mass DoS
![Page 10: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/10.jpg)
ptsecurity.com
Mitigation Strategies / processes and tools
• Filter Cat 1 MAP Messages
• Filter Unused Messages
• Blacklist and Block “bad” GTs
• Vulnerability management
Proactive identification of vulnerabilitiesby scanning SS7 network perimeter
• Security monitoring
Passive detection of signaling attackswith further investigation and taking countermeasures
• Compliance management
Security assessments and compliance checks of SS7 configurations
![Page 11: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/11.jpg)
ptsecurity.com
Vulnerability management
Deliverables:
• Information about existing and potential vulnerabilities
• Recommendations for improving SS7 network security
Objectives:
• Determine which Network Elements may be vulnerable to malformed traffic or signaling attacks. Identify the SS7 signaling elements’ possible vulnerabilities, attack vectors, and associated issues.
Conditions:
• Target - Externally addressable SS7 Elements and Subscribers
• Method – Active probing of SS7 elements for known SS7 vulnerabilities
![Page 12: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/12.jpg)
ptsecurity.com
Security monitoring
Deliverables:
• Understanding
• What was the attack?
• What was the target?
• Where was the source?
• What was the dynamic and results?
• Knowledge
• Whom to abuse
• What to block
• How to plan security investments
Objectives:
• Precise monitoring of the perimeter to get network visibility and investigate if you have experienced, or are experiencing SS7 attacks.
Conditions:
• Target - SS7 Network
• Method –Introduction of Security Monitoring (IDS) into the signaling network and analysis of data
![Page 13: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/13.jpg)
ptsecurity.com
Compliance management
Deliverables:
• Control over vulnerable and misconfigured systems
• Maintain security posture and compliance management of network/services
Objectives:
• Get automated security configuration assessments and detailed compliance checks across all SS7 Network nodes according to configuration changes introduced by Vulnerability Management Recommendations and Black Lists updated by Security monitoring for attacks
Conditions:
• Target - SS7 Network nodes
• Method –Compliance checks across all SS7 Network nodes
![Page 14: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/14.jpg)
ptsecurity.com
Total outcome - Threats mitigation
Properly tuned, this activity allows to:
• Prevent degradation or unavailability of service
• Stop leakage of sensitive data
• Investigate and prevent fraud
• Preserve corporate reputation
• Keep revenue
![Page 15: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/15.jpg)
Thank you!
ptsecurity.com
![Page 16: Statistics of Vulnerabilities in SS7 Networks - ITU: … · · 2016-06-28Statistics of Vulnerabilities in SS7 Networks and Ways to Make them Secure ... SS7 Network nodes ... PowerPoint](https://reader031.fdocuments.net/reader031/viewer/2022021421/5ad692327f8b9a177c8e7f2e/html5/thumbnails/16.jpg)