Kaleido Security Report Download
38% of operators do not know the scale of disruption impacting their networks as a result of signalling attacks or device misbehaviour. Kaleido Intelligence and Cellusys present the findings of an operator survey conducted in late 2020 in order to assess operators’ perceptions surrounding mobile signalling security.
Additionally, the survey aimed to understand the level of security best practices implementation among the operator community in regard to present and emerging signalling security threats.
The risk of attacks has never been higher, due to the fact that open-source software and off-the-shelf hardware used by operators and cybercriminals alike have brought down the walls that historically meant that network infiltration required very specialised knowledge and a significant hardware budget. Meanwhile, protocols such as SS7 have been in use for decades: SS7 was developed in 1975, during a period when very few individuals envisioned the scale with which the Internet and communications networks have expanded and are relied upon today.
This resulted in virtually no consideration for security implementation; while successive protocols have improved upon their secure-by-design principles, flaws continue to exist in modern protocols, with in-use legacy protocols increasing the attack surface.
Fraud, denial-of-service, data interception and manipulation, identity theft and revenue loss are just some of the consequences that arise from signalling security exploits. Major challenges in detecting these attacks arise from the fact that, without the appropriate tools, the volume of signalling traffic makes finding suspicious traffic like looking for a needle in a haystack. Given the number of protocols in use, the importance of having a holistic view of network security cannot be understated: security is only as good as the weakest link in the chain.