Telecom Attack Discovery

Arrest Cyber Attacks
Stall Cyber Attacks on SS7
Security monitoring, up-to-the-minute detection of anomalous activity,
and protection of the signaling network perimeter
Enhanced Visibility for Early Threat Detection
Detect malicious activities ahead of time
A constantly updated Attack Discovery knowledge
base protects you against new attack patterns
Seamless Operations
Perform thorough analysis in the background
Capture incoming as well as outgoing traffic flows, with zero impact on core infrastructure and network service.


The backbone of a telecommunications company is SS7, or Signalling System 7. What existed in earlier years was what is known as a speaking channel for the delivery of data packets. Decades ago this system was upgraded to Signalling System 7 (SS7), bringing in more efficiency. SS7 serves as the base for signalling infrastructure in local, national, international, and wireless networks. The implementations prevalent earlier were fraught with security vulnerabilities such as a lack of encryption or service message validation. So long as SS7 remained under closed control, limited to landline operations, it caused no major hiccups and was presumed “good to go”.

A decade ago a German researcher demonstrated a method that would allow mobile subscribers to be spied upon; later, others showed how SMS messages could be intercepted, catapulting this sort of vulnerability into notoriety. These days there are smart operators who can offer a location discovery service with up to a meter precision in more than a dozen countries in the world. Experts have opined that this spying market is growing rapidly in this interconnected world.

Why is the solution relevant and important to a telecom player?

Telecommunication companies must be wary of cyber criminals who have the wherewithal to listen to a conversation, pinpoint a person’s location to a meter precision, intercept SMS messages to gain access to mobile banking services, generate USSD commands to a billable number, and conduct other malicious attacks.

While it is granted that it is difficult to penetrate the network directly, it is often easy to achieve this feat via the SS7 gateway systems. In some cases, a committed attacker can obtain an operator license in countries with relatively weak laws, or obtain access through the black market from a legal operator for a substantial sum of money.

Therefore, this is an area of concern for telecommunication companies, and they must invest time in securing their systems, thereby protecting their subscribers. SS7 MAP commands allow cell phones to be blocked from a distance. A lack of SS7 security threatens not only mobile subscribers but also a growing ecosystem of industrial and IoT devices, from ATMs to GSM gas pressure control systems, that are also considered to be mobile network subscribers.

What benefits will an operator derive by implementing this solution?

By deploying tested solutions from the marketplace, telecommunication companies demonstrate their readiness to meet these challenges, ensure that their subscriber base is well protected, and augment their stature as a mature player in the market. Trust is everything: a breach can tarnish your image in no time, and millions may have to be spent to win back confidence if you fall in the public eye for the wrong reasons.

Who does Cyberton represent to provision this technology?

Cyberton supports PT Security’s Telecom Attack Discovery solutions.

Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection. Commitment to clients and research has earned Positive Technologies a reputation as one of the foremost authorities on Industrial Control System, Banking, Telecom, Web Application, and ERP security, supported by recognition from the analyst community.

State-of-the-art solutions are developed at Positive Research, the company’s flagship research center and one of the largest in Europe. Positive Research experts have helped to identify and fix over 250 zero-day vulnerabilities in products from Cisco, Google, Honeywell, Huawei, Microsoft, Oracle, SAP, Schneider Electric, Siemens, and others, earning a reputation for world-class expertise in protection of devices and infrastructures at all scales from ATMs to nuclear power stations.

Findings by Positive Research are used for updating the MaxPatrol knowledge base and for development of security solutions including PT Application Firewall, PT Application Inspector, MaxPatrol Vulnerability and Compliance Management Solution, PT ISIM, PT MultiScanner and SS7 Attack Discovery. These products allow securing web applications, evaluating network protection, blocking attacks in real time, ensuring compliance with industry and national standards, and training security specialists. In 2015 and in 2016, the company was rated a Visionary in the Gartner Magic Quadrant for Web Application Firewalls (WAF).

Positive Technologies is the organizer of the annual Positive Hack Days international forum and security competition, in which over 4,000 experts take part every year.

Company specialists actively participate in organizations dedicated to information security (CEH, CIS, ISACA, Web Application Security Consortium), publish their works in various magazines devoted to practical information security, and regularly speak at major IS international conferences, including: Black Hat USA, CanSecWest, FIRST Annual Conference, HackInParis, Hack In The Box, ITSF, Microsoft Security Briefing, Nullcon, POC, Positive Hack Days, SAS, ZeroNights and others.