May 28, 2016

Cellusys at FASG #5 – Two years on, and networks are still not protected

GSMA Fraud and Security Group meetings hold three times per year and the latest FASG #5 meeting was held in Malta on 24th – 26th May 2016. At FASG #5, Mobile Operators and Vendors shared their latest experiences about the risks that threatening mobile networks.

Cellusys was involved in several workshops, meetings and presentations and here is our very brief summary about the trends:

  • SS7 Vulnerabilities: It has now been 2 years since the industry was exposed to of weaknesses to the SS7 protocol. As it stands today, there are still very few networks that are addressing these security concerns. Many networks are still open to simple attacks. Leading industry experts are urging the implementation of Firewalls to protect against these simple attacks. It is too easy for attackers to abuse vulnerable networks and as such immediate action is being encouraged.
  • DNS Tunnelling: In a roaming scenario, the visited network charges for data traffic but the home network does not charge the subscriber for DNS traffic. In this attack, a prepaid Roamer SIM encapsulates Internet traffic in DNS requests and as a result home network will charge the subscriber for consuming data.
  • SIM swap: Attackers call subscribers and implement social engineering methods to get their personal / security details. Then they call customer care and pretend to be the real subscriber, claiming they lost their SIMs. By having the other SIMs they trick the mobile operator to transfer the account to the new SIM. This enables misuse such as IRSF or Banking fraud.

Discover how Cellusys Signalling Firewall can secure your network and your subscribers against signalling attacks.

Categorised in:

May 28, 2016